- YOUR PAYMENT ACCEPTANCE GUIDE
Payment acceptance solutions are an essential part of your business, and we want to make accepting payments as simple as possible for you.
This part of the Sub-Merchant Processing Agreement (through Appendix 5), is the Your Payments Acceptance Guide. It’s your quick reference to some guidelines for initiating transactions and accepting payments. You’ll also find recommendations and tips to help you prevent fraud, reduce chargebacks, and properly handle payments, refunds, exchanges, and most other situations you’ll encounter in your day-to day-business. To help you navigate more easily and find the information you need when you need it, we’ve organized this Section into three parts. At the end of the Section, you’ll also find information specific to processing WEX®, USBank®, Voyager®, American Express®, Discover® and PayPal® cards payments. Keep in mind, though, these guidelines highlight only some of the Card Organization Rules that apply to your acceptance of payments. Please carefully read the Card Organization Rules for each Card brand you accept.
If you have questions about initiating transactions, accepting payments or any of your other business services, please contact Customer Service at the number listed on your merchant services statement. Your Customer Service team is here to make things easier so let us know what we can do to help.
PART I
The first step of a transaction actually begins before a customer even decides to make a purchase. This part of Your Payments Acceptance Guide reviews steps you’ll need to take to ensure customers are informed of their payment options and understand the terms of sale. You’ll also find tips and important reminders for validating cards in order to reduce the risk of fraud. Finally, specific procedures for accepting debit and EBT payments are outlined. If you have questions about anything discussed in this guide, please contact Customer Service at the number located on your merchant services statement.
- Use of Payments Organizations’ Brands
DO’S
- do prominently display relevant trademarks of the payments organizations at each of your locations, in catalogs, on websites and on other promotional material.
- do only use the official trademarks of ours and of the payments organizations in the official format.
DON’TS
- don’t indicate that we or any payments organization endorses your goods or services.
- don’t use the trademarks of any payments organization after: your right to accept the cards of that payment organization has ended; or that payment organization has notified you to stop using their trademarks.
- don’t use the trademarks of ours or of the payments organizations in any way that injures or diminishes the goodwill associated with the trademarks.
- don’t use our trademarks or the trademarks of the payments organizations in any manner, including in any advertisements, displays, or press releases, without our prior written consent.
For special rules applying to the treatment of the American Express brand, please refer to Appendix 2.
- Point of Sale (POS) Reminders
Do clearly and conspicuously:
- disclose all material terms of sale prior to obtaining an authorization;
- at all points of interaction inform cardholders which entity is making the sales offer, so that the cardholders can clearly distinguish you from any other party involved in the interaction; and
- disclose any discount/incentive for customers to pay with cash, check, credit card or debit card and so on. Any such discount/incentive must be offered to all customers with no special treatment for any card brand or card issuing bank.
If you accept orders via the Internet, your website must include the following information in a prominent manner:
- a complete description of the goods or services offered;
- details of your (i) delivery policy; (ii) consumer data privacy policy; (iii) cancellation policy; and (iv) returns policy;
- the transaction currency (US dollars, unless permission is otherwise received from Servicers);
- the customer service contact, including email address and telephone number;
- your address, including country;
- the transaction security used on your website;
- any applicable export or legal restrictions;
- your identity at all points of interaction with the cardholder; and
- the date on which any free trial period ends.
If you limit refund/exchange terms or impose other specific conditions for card sales, you must clearly print (in 1/4″ letters) the words “No Exchange, No Refund,” etc. on the sales draft.
During a liquidation or closure of any of your outlets, locations or businesses, you must post signs clearly visible to customers stating that “All Sales Are Final,” and stamp the sales draft with a notice that “All Sales Are Final.”
- Validating the Cards
Transactions where the cardholder is present – ‘Card Present’ transactions
You must check the card if the cardholder is present at the point of sale;
- verify that the card is legitimate and valid;
- verify that the card is not visibly altered or mutilated;
- capture card data using the POS device by inserting the card (chip card), swiping the card (magnetic stripe), or tapping/waving the card (contactless).
- ensure that the cardholder enters their PIN using the keypad if prompted or provides their signature unless you are participating in the No Signature Required or PINless programs
- verify the card’s valid from date (if applicable) and the expiration date;
- verify that the card number and expiration date on the card are the same as on the transaction receipt and the number displayed on the POS device;
- verify that the name on the transaction receipt is the same as the name on the front of the card (if applicable); and
- ensure that the cardholder appears to be the person shown in the photograph (for cards with a photograph of the cardholder).
Transactions where the cardholder is not present – ‘Card Not Present’ transactions
This section applies to any transaction where the cardholder is not present, such as mail, telephone, Internet and E-commerce.
You may only conduct Internet transactions if you have notified us in advance and received approval.
DO’S
- do obtain the card account number, name as it appears on the card, expiration date of the card, and the cardholder’s statement
- do use the Address Verification Service (AVS). If you do not have AVS, contact Customer Service
- do clearly print the following on the sales draft, and provide a copy to the cardholder atthe time of delivery:
- the last four digits of the cardholder’s account number;
- the date of transaction;
- a description of the goods and services;
- the amount of the transaction (including shipping, handling, insurance, etc.);
- the cardholder’s name, billing address and shipping address;
- the authorization code;
- your name and address (city and state required).
- do obtain proof of delivery of the goods or services to the address designated by the cardholder or, if the cardholder collects the goods or services in person, obtain an imprint of the card.
- do notify the cardholder of delivery time frames and special handling or cancellation policies.
- do ship goods within 7 days from the date on which authorization was obtained. If delays are incurred (for example, out of stock) after the order has been taken, notify the cardholder and obtain fresh authorization of the transaction.
- do use any separate merchant identification numbers provided to you for Internet orders in all your requests for authorization and submission of charges.
- do provide at least 1 month’s prior written notice to your acquirer of any change in your Internet address.
DON’TS
- don’t exceed the percentage of your total payment card volume for Card Not Present sales, as set out in your application.
- don’t submit a transaction for processing until after the goods have been shipped or the service has been provided to the cardholder – the only exception to this is where the goods have been manufactured to the cardholder’s specifications and the cardholder has been advised of the billing details.
- don’t accept card account numbers by electronic mail.
- don’t require a cardholder to complete a postcard or other document that displays the cardholder’s account number in clear view when mailed or send any mailing to a cardholder that displays personal information in clear view.
It is also recommended that, if feasible, you obtain and keep a copy on file of the cardholder’s signature authorizing you to submit telephone and mail order transactions.
Address Verification Service (AVS) (and other fraud mitigation tools such as Verified by Visa®, Mastercard® Secure Code, Discover Protect Buy®, American Express® SafeKey, Card Validation Codes and Card Identification) does not guarantee against chargebacks; but, if used properly, they assist you in reducing the risk of fraud by confirming whether certain elements of the billing address provided by your customer match the billing address maintained by the card issuing bank. AVS also may help you avoid incurring additional interchange expenses. AVS is a separate process from obtaining an authorization and will provide a separate response. A transaction may be authorized regardless of the AVS response. It is your responsibility to monitor the AVS responses and use the information provided to avoid accepting high-risk transactions.
If a disputed charge arises for a transaction conducted over the Internet or electronically, a chargeback may be exercised for the full amount.
For Discover Network transactions, please refer to Appendix 3 for the Discover Network protocol for Internet transactions.
Customer – activated terminals and self-service terminals
Transactions processed at customer-activated terminals and self-service terminals have specific requirements for processing. You must contact Customer Service for approval and further instructions before conducting customer- activated terminal
- Transaction Guidelines
DO’S
- do only present for payment valid charges that arise from a transaction with a bona fide cardholder.
DON’TS
- don’t set a minimum transaction amount of more than $10 for any credit cards or of any amount for debit cards or Alipay transactions.
- don’t set a maximum transaction amount for any credit cards.
- don’t establish any special conditions for accepting a card.
- don’t make any cash disbursements or cash advances to a cardholder as part of a transaction with the exception of the Discover Network Cash Over service.
- don’t accept any direct payments from cardholders for goods or services which have been included on a sales draft;
- don’t require a cardholder to supply any personal information for a transaction (for example, phone number, address, driver’s license number) unless (i) instructed by the Voice Authorization Center; (ii) presented an unsigned card; or (iii) processing a Card Not Present transaction don’t submit any transaction representing the refinance or transfer of an existing cardholder obligation which is deemed uncollectible, for example, a transaction that has been previously charged back, or to cover a dishonored check.
- don’t submit sales drafts or credit drafts transacted on the personal card of an owner, partner, officer or employee of your business establishment or of a guarantor who signed your application form, unless such transaction arises from a bona fide purchase of goods or services in the ordinary course of your business.
- don’t carry out factoring, that is, the submission of authorization requests or sales drafts for card transactions transacted by another business.
- Security
You are responsible for maintaining the security of your POS devices and for instituting appropriate controls to prevent employees or others from submitting credits that do not reflect bona fide returns or reimbursements of earlier transactions.
Please comply with the data security requirements shown below:
DO’S
- do install and maintain a secure firewall configuration to protect data.
- do protect stored data, and do encrypt transmissions of data sent across open/public networks, using methods indicated in the Payment Card Industry Data Security Standard (PCI DSS) which is available at: pcisecuritystandards.org.
- do use and regularly update anti-virus software and keep security patches up-to-date.
- do restrict access to data by business “need to know”. Assign a unique ID to each person with computer access to data and track access to data by unique ID.
- do regularly test security systems and processes.
- do maintain a policy that addresses information security for employees and contractors.
- do restrict physical access to cardholder information.
- do destroy or purge all media containing obsolete transaction data with cardholder information.
- do keep all systems and media containing card account, cardholder, or transaction information (whether physical or electronic) in a secure manner so as to prevent access by, or disclosure to any unauthorized party.
- do use only those services and devices that have been certified as PCI-DSS compliant by the payment organizations.
DON’TS
- don’t use vendor-supplied defaults for system passwords and other security parameters.
- don’t transmit cardholder account numbers to cardholders for Internet transactions.
- don’t store or retain card verification codes (a three-digit code printed on the back of most cards and a four-digit code printed on the front of an American Express card) after final transaction authorization.
- don’t store or retain magnetic stripe data, PIN data, chip data or AVS data – only cardholder account number, cardholder name and cardholder expiration date may be retained subsequent to transaction authorization.
For Internet transactions, copies of the transaction records may be delivered to cardholders in either electronic or paper format.
- TransArmor Services
If you are receiving TransArmor services from us, the important DOs and DON’Ts listed below apply to you:
DO’S
- do comply with the payments organization rules, including PCI DSS.
- do demonstrate and maintain your current PCI DSS compliance certification.
Compliance must be validated either by a Qualified Security Assessor (QSA) with corresponding Report on Compliance (ROC) or by successful completion of the applicable PCI DSS Self-Assessment Questionnaire (SAQ) or Report on Compliance (ROC), as applicable, and if applicable to your business, passing quarterly network scans performed by an Approved Scan Vendor, all in accordance with payments organization rules and PCI DSS.
- do ensure that all third parties and software that you use for payment processing comply with the PCI DSS.
- do deploy the data protection solution (including implementing any upgrades to such service within a commercially reasonable period of time after receipt of such upgrades) throughout your systems including replacing existing card numbers on your systems with tokens.
- do use the token instead of card numbers for ALL activities after you receive the authorization response, including settlement processing, retrieval processing, chargeback and adjustment processing, and transaction reviews.
- do ensure that any POS device, gateway or VAR is certified by us for use with the data protection solution. If you are uncertain whether your equipment is compliant, contact a customer service representative at 866-359-0978.
- if you send or receive batch files containing completed card transaction information to/ from us, do use the service we provide to enable the files to contain only tokens or truncated information.
- do use truncated report viewing and data extract creation within reporting tools provided by us.
- do follow rules or procedures we give you periodically regarding your use of the data protection solution.
- do promptly notify us of a breach of any these terms.
DON’TS
- don’t retain full card numbers, whether in electronic form or hard copy.
- don’t use altered version(s) of the data protection solution.
- do promptly notify us of a breach of any these terms.
DON’TS
- don’t retain full card numbers, whether in electronic form or hard copy.
- don’t use altered version(s) of the data protection solution.
- don’t use, operate or combine the data protection solution or any related software materials or documentation, or any derivative works thereof with other products, materials or services in a manner inconsistent with the uses contemplated in this section.
- Debit Cards
When accepting debit cards, you’ll need to follow the specific requirements for each debit network, as well as, the general requirements set out in this section.
DO’S
- do read the account number electronically from the magnetic stripe/chip for transactions authenticated with a PIN. If the magnetic stripe/chip is unreadable, you must request another form of payment from the
DON’TS
- don’t process a credit card transaction in order to provide a refund on a debit card transaction.
- don’t complete a debit card transaction without:
- entry of the PIN by the cardholder (and no one else); or
- signature by the cardholder (and no one else)
Unless the transaction is a “no-signature” debit transaction or a “PINless” PIN debit transaction specifically supported by the debit network.
- don’t accept the PIN from the cardholder verbally or in written form.
- don’t manually enter the account number for PIN debit transactions. Signature debit transactions may be key entered if you are unable to swipe the card.
The debit network used to process your debit transaction will depend upon, among other things, our own business considerations, the availability of the debit network at the time of the transaction, and whether a particular debit card is enabled for a particular debit network.
The debit network used to route your transaction may or may not be the lowest cost network available. We may in our sole discretion:
- use any debit network available to us for a given transaction (including any of our affiliated PIN debit networks); and
- add or remove debit networks available to you based on a variety of factors including availability, features, functionality and our own business
YOU ARE RESPONSIBLE FOR SECURING YOUR POS DEVICES AND FOR IMPLEMENTING APPROPRIATE CONTROLS TO PREVENT EMPLOYEES OR OTHERS FROM SUBMITTING CREDITS AND VOIDS THAT DO NOT REFLECT BONA FIDE RETURNS OR REIMBURSEMENTS OF PRIOR TRANSACTIONS.
You may offer cash back to your customers when they make a PIN debit card purchase. You may set a minimum and maximum amount of cash back that you will allow. If you are not currently offering this service, your POS device may require additional programming to begin offering cash back as long as it is supported by the debit network.
You must reconcile your accounts for each location daily and notify us within 24 hours of any issues.
An adjustment is a transaction that is initiated to correct a debit card transaction that has been processed in error. For signature debit transactions (including “no-signature” debit transactions), both the cardholder and the card issuing bank have the right to question or dispute a transaction. If these questions or disputes are not resolved, a chargeback may occur. You are responsible for all adjustment and chargeback fees that may be charged by a debit network.
An adjustment may be initiated for many reasons, including:
- the cardholder was charged an incorrect amount, whether too little or too much;
- the cardholder was charged more than once for the same transaction;
- a processing error may have occurred that caused the cardholder to be charged even though the transaction did not complete normally at the point of sale; or
- a cardholder is disputing the goods or services provided.
All parties involved in processing adjustments and chargebacks are regulated by timeframes that are specified in the operating rules of the applicable debit network, the Electronic Funds Transfer Act, Regulation E, and other applicable law.
- Electronic Benefit Transfer (EBT) Transactions
We offer electronic interfaces to Electronic Benefit Transfer (EBT) networks for the processing, settlement and switching of EBT transactions initiated through the use of a state issued EBT card at your point of sale terminal(s) so that EBT recipients may receive EBT benefits.
EBT benefits may comprise:
- United States Department of Agriculture, Food and Nutrition Service (FNS),
- Supplemental Nutrition Assistance Program (SNAP),
- Women, Infants and Children Benefits (WIC Benefits), or
- Government delivered cash
If you accept EBT transactions or provide EBT benefits:
DO’S
- do provide EBT benefits to EBT recipients in accordance with applicable law and the procedures set out in the Quest rules, in the amount authorized through your terminal, upon presentation by an EBT recipient of an EBT card and such EBT recipient’s entry of a valid PIN.
- do use POS Terminals, PIN pad and printer or other equipment that meet required standards (including those set out in the Quest rules) during your normal business hours and in a manner consistent with your normal business practices.
- do comply with the procedures set out in the Quest rules for authorization of EBT benefits if your terminal fails to print EBT benefit issuance information as approved and validated as a legitimate transaction.
- do provide a receipt for each EBT transaction to the applicable EBT recipient.
- do provide EBT benefits for EBT recipients from all states.
- do notify us promptly if you plan to stop accepting EBT cards and providing EBT benefits or if you are unable to comply with this section or the Quest rules.
- do adequately display any applicable state’s service marks or other licensed marks, including the Quest marks, and other materials supplied by us in accordance with the standards set by the applicable state.
- do use any marks only to indicate that EBT benefits are issued at your location(s).
- do maintain adequate cash on hand to issue EBT service provider authorized cash benefits.
- do issue cash benefits to EBT recipients in the same manner and to the same extent cash is provided to your other customers.
DON’TS
- don’t accept EBT cards or provide EBT benefits at any time other than in compliance with this section or the Quest rules.
- don’t designate and direct EBT recipients to special checkout lanes restricted to use by EBT recipients unless you also designate and direct other customers to special checkout lanes for debit cards, credit cards or other payment methods such as checks other than cash.
- don’t resubmit any EBT card transaction except as specifically permitted by the applicable Quest rules and procedures.
- don’t accept any EBT card for any purpose other than providing EBT benefits, including accepting an EBT card as security for repayment of any EBT recipient obligation to you. If you violate this requirement, you will be obligated to reimburse the state or us for any EBT benefits unlawfully received by either you or an EBT recipient to the extent permitted by law.
- don’t dispense cash for FNS, SNAP and WIC Benefits.
- don’t disclose individually identifiable information relating to an EBT recipient or applicant for EBT benefits without prior written approval of the applicable state.
- don’t use the marks of any EBT service provider without prior written approval from such EBT service provider.
- don’t indicate that we, any state, or its EBT service provider endorse your goods or services.
- don’t require, or in your advertising suggest, that any EBT recipient must purchase goods or services from you as a condition to receiving cash benefits, unless such condition applies to other customers as well.
You must take sole responsibility for the provision of any EBT benefits other than in accordance with authorizations received from the EBT service provider.
If an authorized terminal is not working or the EBT system is not available:
DO’S
- do manually accept EBT cards and manually provide EBT benefits in the amount authorized through the applicable EBT service provider to the EBT recipients at no cost to the EBT recipients upon presentation by an EBT recipient of their EBT card.
- do obtain an authorization number for the amount of the purchase from the applicable EBT service provider while the respective EBT recipient is present and before you provide the EBT recipient with any FNS, SNAP and WIC benefits, or cash benefits, as applicable.
- do properly and legibly enter the specified EBT recipient, clerk and sales information, including the telephone authorization number, on the manual sales draft.
- do clear all manual vouchers authorizations on your point of sale terminal within 14 days after the date of applicable voice authorization. If a voucher expires before it has been cleared by your terminal for payment, no further action can be taken to obtain payment for the voucher
DON’TS
- don’t attempt to voice authorize a manual EBT transaction if the EBT recipient is not present to sign the voucher. The EBT recipient must sign the voucher. You must give a copy of the voucher to the EBT recipient at the time of authorization and retain one copy for your records.
- don’t re-submit a manual sales draft for payment for a transaction if you have not received an authorization number.
- don’t mail vouchers requesting payment.
You must take sole responsibility for (and you will not be reimbursed in respect of) a manual transaction if you fail to obtain an authorization number from the applicable EBT service provider in accordance with this section or otherwise fail to process the manual transaction in accordance with the Quest rules, except as specifically provided in the Quest rules.
Part II
This part of Your Payments Acceptance Guide reviews essential elements of a transaction, including authorizations, issuing refunds and exchanges, and handling special transactions like recurring payments. You’ll also find information about chargebacks and processes to put in place to avoid chargebacks. Feel free to contact Customer Service with any questions that arise as you review this information.
- Authorizations
General
- You must obtain an authorization approval code from us for all transactions.
- A positive authorization response remains valid for the timeframe set out in section 19.
- An authorization approval code only indicates the availability of funds on an account at the time the authorization is requested. It does not indicate that the person presenting the card is the rightful cardholder, nor is it a promise or guarantee that you will not be subject to a chargeback or adjustment.
- You must not attempt to obtain an authorization approval code from anyone other than us, unless we have authorized you to use a third party authorization system as set out in section 9. An authorization approval code from any other source may not be valid.
- If you use Address Verification Services (AVS), you must review the AVS response separately from the authorization response and make your own decision about whether to accept the transaction. A transaction may receive an authorization approval code from the card issuing bank even if AVS is unavailable or reflects that the address provided to you does not match the billing address on file at the card issuing bank.
- If you receive a referral response to an attempted authorization, for American Express transactions you must not:
- submit the transaction without calling for and receiving a voice authorization; and
- attempt another authorization on the same card through your POS device.
- You must not attempt to obtain multiple authorizations for a single transaction. If a sale is declined, do not take alternative measures with the same card to obtain an approval of the sale from other authorization sources. Instead, request another form of payment.
- If you fail to obtain an authorization approval code or if you submit a card transaction after receiving a decline (even if a subsequent authorization attempt results in an authorization approval code), your transaction may result in a chargeback and it may be assessed fines or fees by the payments organizations for which you will be responsible. Fees currently range from $25 to $150 per transaction.
- You will be charged for a request for an authorization approval code (where applicable), whether or not the transaction is approved.
- For card present transactions, it is highly recommended that you use your electronic authorization device to swipe (magnetic stripe), tap/wave (contactless) or insert (chip) cards.
Card Not Present transactions
It is highly recommended that you obtain the three digit card verification code on the back of the card (or the four digit verification code on the front of American Express cards) and that you include this code with each card not present authorization request unless the transaction is a recurring transaction.
For recurring transactions, submit the card verification code only with the first authorization request and not with subsequent authorization requests.
For American Express Card Not Present transactions, please also refer to Appendix 2. For Discover Network Card Not Present transactions, please also refer to Appendix 3. PayPal and Alipay do not allow Card Not Present transactions.
Authorization via telephone (other than terminal/electronic device users)
- You must call your designated Voice Authorization Toll Free Number and enter the authorization information into the VRU using a touch tone phone or hold for an authorization representative.
- If the Voice Authorization Center asks you to obtain identification from the cardholder before issuing an approval code, you must clearly write the appropriate identification source and numbers in the space provided on the sales draft.
- If the Voice Authorization Center asks you to confiscate a card, do not take any action that will alarm or embarrass the card presenter, and send the card to Rewards Department, P.O. Box 5019, Hagerstown, MD 21740. You may be paid a reward for the return of the card.
- If the sale is declined, please remember that our operators are only relaying a message from the card issuing bank. The fact that a sale has been declined must not be interpreted as a reflection of the cardholder’s creditworthiness. You must instruct the cardholder to call the card issuing bank.
Authorization via electronic devices
- If you use an electronic terminal to obtain authorization approval codes, you must obtain the authorization approval codes for all sales through this equipment.
- If your terminal malfunctions, please refer to your Quick Reference Guide or call the POS Help Desk. Please remember to check your terminal periodically because most terminal problems are temporary in nature and are quickly corrected.
- If a terminal is moved or if wires are disconnected, causing malfunction, call the POS Help Desk immediately and follow their instructions. You may be responsible for any service charges incurred for reactivation of the terminal.
- Until the terminal becomes operable, you must call your designated Voice Authorization Toll Free Number and enter authorization information into the VRU using a touchtone phone. During this time, each transaction must be imprinted using a manual Imprinter machine.
Third party authorization systems
If you have contracted to use one of our authorization services, you must not use another third party authorization system without notifying Customer Service. Otherwise, we will be unable to successfully research and defend any authorization related chargebacks on your behalf. This delay will significantly decrease your time to research and provide proof of authorization, thus reducing your opportunity to reverse a chargeback.
If you use another authorization network:
- you will be responsible for the downgrade of any transactions to a higher cost interchange that result from any mismatch of information to our systems and those of third-party authorization networks.
- liability resulting from discrepancies with that network must be resolved between you and that network. We will not research chargebacks resulting from authorization approval codes obtained from another authorization service organization. Such chargebacks will be passed through to you for resolution. If an authorization provided by a third-party authorization system is challenged in a chargeback, you must obtain proof (for example, third party authorization logs) from the authorization source and submit it to us within the time frame specified on the chargeback documentation.
Call the following for other card types, each of which is available 24 hours/day; 7 days/week:
American Express Direct 1-800-528-2121
JCB, International (For YEN and CAD currency only) 1-800-522-9345
TeleCheck 1-800-366-5010
Voyager 1-800-987-6589
WEX 1-800-842-0071
You must enter manually all approved sales that have been authorized in this manner as “post authorization” transactions into the terminal, once the terminal becomes operational. You must enter all credit transactions into the terminal for data capture. If you receive a referral and subsequently receive an approval, you may be subject to a chargeback. You must imprint the card using a manual imprinter machine to reduce the risk of such a chargeback. For specific procedures on electronic data capture, refer to the Terminal Operating Instructions/Users Guide. If the terminal malfunctions for more than 24 hours, contact Customer Service for further instructions on processing your transactions.
Automated dispensing machines
You must produce records for all transactions originating with automated dispensing machines or limited amount terminals. Such records must include the last four digits of the cardholder account number, merchant’s name, terminal location, transaction date, identification of transaction currency, transaction type (purchase), authorization code, and amount.
For Discover Network transactions, please refer to Appendix 3 for instructions on how to cancel an authorization.
For PayPal transactions, please refer to Appendix 4 instructions on how to cancel an authorization.
Partial authorization and authorization reversal
Partial authorization provides an alternative to a declined transaction by permitting a card issuing bank to return an authorization approval for a partial amount. This amount is less than the transaction amount requested because the available card balance is not sufficient to approve the transaction in full. The cardholder is able to use the funds remaining on the card to pay for a portion of the purchase and select another form of payment (in other words, another payment card, cash, check) for the remaining balance of the transaction.
- for Mastercard transactions, partial authorization is optional for batch authorized e- commerce transactions, mail order, telephone order transactions and recurring payment transactions.
- for Discover transactions, partial authorization support is optional for Card Not Present transactions. If you support partial authorizations, a partial authorization indicator must be included in each authorization request.
You must submit an authorization reversal if the authorization is no longer needed, a partial amount of the total authorized is submitted for the settled transaction, or the cardholder elects not to complete the purchase. The transaction sent for settlement must be no more than the amount approved in the partial authorization response. If you wish to support partial authorization functionality, you must contact Customer Service for additional rules and requirements.
- Special Types of Transactions
Payment by installments
If a cardholder makes a deposit toward the full amount of the sale price and pays the balance on delivery, please follow the procedures set out in this section.
DO’S
- do execute two separate sales drafts and obtain an authorization for each sales draft on each transaction date;
- do indicate on each sales draft:
- whether it is for the deposit or the balance of payment; and
- the authorization date and approval code; and
- do submit and seek authorization of each delayed delivery transaction under the same merchant identification number and treat deposits on the card no differently than you treat deposits on all other payment products.
- do complete Address Verification for each “balance” authorization.
- do obtain proof of delivery upon delivery of the services/merchandise purchased.
DON’TS
- don’t submit sales data to us relating to the “balance” until the goods have been completely delivered or the services fully
If delivery occurs after the timeframes set out in section 19, you must obtain a new authorization for the unprocessed portion of the transaction prior to delivery. If the transaction is declined, contact the cardholder and request another form of payment.
For example: On January 1, a cardholder orders $2,200 worth of furniture and you receive an authorization for the full amount; however, only a $200 deposit is processed leaving $2,000 balance remaining on the furniture. An authorization reversal must be processed for$2,000. When the goods are available to ship, the $2,000 transaction balance must be reauthorized.
Advance payment charges
If you permit or require cardholders to make advance payment charges for the following types of goods or services, please follow the procedures set out in this section:
- custom orders (for example, orders for goods to be manufactured to a customer’s specifications);
- ticketing for events or entertainment (for example, sporting events, or concerts);
- tuition, room, board, and other mandatory fees (for example, library or other students’ services fees at universities);
- tickets for airlines, rail lines, cruise lines, lodging, and other travel-related services (for example, tours or guided expeditions); and
- vehicle rentals; or
- in store merchandise not immediately available (for example, merchandise pre-purchased for an upcoming sale event or merchandise on layaway)
For all advance payment transactions:
- do state your full cancellation and refund policies;
- do clearly disclose your intention to receive advance payment;
- before you request an authorization, do obtain written consent from the cardholder to bill the card for an advance payment charge;
The cardholder’s consent must include (1) a detailed description of the goods or services to be provided, and (2) his or her agreement to all of the terms of the sale (including price, any cancellation or refund policies), and the expected delivery date of the goods or service:
- do obtain an authorization approval;
- do complete a sales draft: and
- if you cannot deliver the goods or services (for example, because custom-ordered merchandise cannot be fulfilled) and cannot make other arrangements, do immediately issue a credit for the full amount of the advance payment charge.
For Card Not Present transactions involving an advance payment:
- do ensure that the sales draft contains the words “Advance Payment,”; and
- within 24 hours of the advance charge being authorized, do provide the cardholder with written confirmation (for example, by email or facsimile) that advance payment charge has been made, the written confirmation must include (1) a detailed description of the goods or services to be provided; (2) the amount of the charge; (3) the confirmation number (if applicable); (4) the details of any cancellation or refund policies; and (5) the expected delivery date of the goods or
Recurring transactions
If you process recurring transactions and charge a cardholder’s account periodically for recurring goods or services (for example, yearly subscriptions and annual membership fees, etc.), please follow the procedures set out in this section.
DO’S
- do obtain cardholder approval for such goods or services to be charged on an ongoing basis to the cardholder’s Approval must at least specify:
- the cardholder’s name, address, account number and expiration date,
- the transaction amounts,
- the timing or frequency of recurring charges,
- the duration of time for which the cardholder’s approval is granted, and for Discover
Network and PayPal transactions, the total amount of recurring charges to be billed to the cardholder’s account, (including taxes and tips) and your merchant identification number,
- do obtain an authorization for each transaction.
- do include the recurring payment indicator in each authorization request, and as applicable, each batch submission entry.
- do indicate on the sales draft “Recurring Transaction” (or “P.O.” for Mastercard
- transactions)
- for Discover Network and PayPal recurring transactions, do include a toll-free customer service number that the cardholder can call to cancel his/her approval for the recurring transaction or to obtain other assistance relating to the recurring transaction.
- don’t store a payment credential if either the first payment transaction or account verification is declined.
DON’TS
- don’t include partial payments for goods or services purchased in a single transaction.
- don’t impose a finance charge in connection with the recurring transaction or preauthorized order.
- don’t complete a recurring transaction after receiving a cancellation notice from the cardholder or card issuing bank or after a request for authorization has been denied.
It is highly recommended that you obtain the three-digit card verification code on the back of the card (or the four-digit verification code on the front of American Express cards), include the number with the first authorization request. This is not required for subsequent authorization requests.
A positive authorization response for one recurring transaction is not a guarantee that any future recurring transaction authorization request will be approved or paid.
If the recurring transaction is renewed, you must obtain from the cardholder a new written request for the continuation of such goods or services to be charged to the cardholder’s account.
If you or we have terminated your right to accept cards, you must not submit authorization requests or sales data for recurring transactions that are due after the date of such termination.
For American Express transactions please also see Appendix 2.
Stored payment credential transactions
If you store information (including, but not limited to, an account number or payment token) to process future purchases on behalf of the cardholder, follow the procedures set out in this section.
DO’S
- do include the appropriate data values:
- when a payment credential is being stored for the first time,
- is used to initiate a stored credential transaction,
- or is used to identify an unscheduled credentials on file transaction.
- do submit a valid authorization if an amount is due at the time the payment credential is
being stored.
- do submit an authorization verification if no payment is due at the time the payment credential is being
DON’TS
- don’t store a payment credential if either the first payment transaction or account verification is
Card checks
If you accept card checks, you must treat checks from all the payment organizations that you accept equally (for example, if you accept Mastercard and American Express, your check acceptance policy must treat checks for both of these payment organizations equally). You should handle these card checks like any other personal check drawn upon a bank in the United States.
- Sales Drafts
DO’S
- do prepare a sales draft for each transaction and provide a copy of the sales draft or transaction receipt to the cardholder at the time the card transaction is completed. An exception is eligible transactions participating in any of the ‘No Signature Required’
- do only collect transaction data provided directly to you by the cardholder.
- do include all of the following information on a single page document constituting the sales draft:
- the cardholder’s account number;
- cardholder’s signature, unless you participate in any of the ‘No Signature Required’ programs Mastercard, Discover, and American Express do not require you to obtain signatures at the point-of-sale for credit or debit transactions unless required by law;
- date of the transaction;
- the total amount of the transaction, including any taxes to be collected, in the approved
- currency of the sale;
- description of the goods or services involved in the transaction—if there are too many items, combine them into one description; (for example, “clothing”) to ensure that all information is contained on a single page;
- description of your merchandise return and credit/refund policy;
- a valid authorization code;
- Merchant’s Doing Business As (“D/B/A”) name and location (city and state required) and merchant identification number. The merchant identification number is optional but if provided for Discover, include only the last four digits; and
- if the card has a magnetic stripe and the POS device fails to read the magnetic stripe, or if you are required to obtain a voice authorization, you must also use a manual imprinting machine to make a clear impression of the card on the same side of the signed sales draft. If you work in the face-to-face sales environment, you may include the card verification code in the authorization request for US domestic key-entered transactions in lieu of taking a manual card imprint, except for Discover.
DON’TS
- don’t include the card expiration date or any more than the last four digits of the card number in the copy of the sales draft which you provide to the cardholder.
- when imprinting sales drafts, you must not alter the cardholder account number, circle or underline any information on the sales draft or alter a sales draft in any way after the transaction has been completed and signed. Stray marks and other alterations on a sales draft may result in it becoming unreadable or
If you are EMV enabled, you may elect to participate in the No Signature Required programs.
For the No Signature Required Programs, you are not required to:
- provide a transaction receipt, unless requested by the cardholder; or
- obtain the cardholder’s signature provided that you transmit the full track data/full chip card data in the authorization request regardless of the sale amount.
- Refunds
DO’S
- do provide clear instructions to your customers regarding returns, including the following:
- customer service telephone number;
- reference number for the return;
- expected processing time for the credit;
- return address, preferably on a pre-formatted shipping label (if applicable).
- do document your cancellation policy and terms and conditions on the contract the cardholder signs, or on your website, as applicable.
- do create a credit draft containing the following information for every refund:
- the account number;
- the cardholder’s name;
- your name, city, state and merchant identification number. Merchant identification number is optional but if provided for Discover only include the last 4 digits
- transaction type;
- a description of the goods or services;
- the transaction date of the credit; the total amount of the credit; and
- for Discover Network transactions, the approved currency used and the signature of your authorized representative or employee.
- for PayPal transactions, the approved currency used and the signature of your authorized representative or employee.
- do submit all credit drafts to us within the timeframes set out in section 19;
- do submit each credit under the establishment where the credit originated;
- do provide full refunds for the exact dollar amount of the original transaction including tax, handling charges, etc., and in no circumstances provide a refund amount for more than the original card sale amount;
- do write clearly all amounts and other handwritten information – stray marks on the credit draft will render it illegible.
- if the card cannot be swiped for any reason, do imprint the credit draft with the same card used by the cardholder to make the original purchase when applicable.
- do ensure that the cardholder signs the credit draft, give the cardholder the appropriate copy, and deposit the credit draft immediately.
- do include the last 4 digits of the merchant identification number for Discover transactions.
DON’TS
- don’t circle or underline any information on the credit draft.
- don’t credit an account that differs from the account used for the original transaction.
- don’t include the card expiration date or any more than the last four digits of the card number in the copy of the credit draft which you provide to the cardholder.
- don’t give cash, check credit refunds or other consideration for card sales, with the exception of the following type of Visa transactions only:
- Visa Easy Payment Service Transaction or if EMV enabled and participating in Visa’s ‘No Signature Required’ program);
- the recipient of the gift is not the cardholder; or
- Visa prepaid card transaction if the cardholder states that the Visa prepaid card has been discarded.
- don’t intentionally submit a sale and an offsetting credit at a later date solely for the purpose of debiting and crediting your own or a customer’s account;
- don’t process a credit transaction after a chargeback has been received. Authorization is not required for credits.
Your website must communicate your refund policy to your customers and require your customers to select a “click-to-accept” or other affirmative button to acknowledge the policy. The terms and conditions of the purchase must be displayed on the same screen view as the checkout screen that presents the total purchase amount, or within the sequence of website pages the cardholder accesses during the checkout process.
For American Express transactions, please also refer to Appendix 2.
- Exchanges
For an even exchange, no additional paperwork is necessary, and you may simply follow your standard company policy.
For an uneven exchange, you must complete a credit draft, and follow the procedures outlined in section 11 for the total amount of the goods returned. The cardholder’s account will be credited for that amount. Then, complete a new sales draft for the total amount of any new goods purchased.
- Chargebacks, Retrievals and Other Debits
Chargebacks
Both the cardholder and the card issuing bank have the right to question or dispute a transaction. If such questions or disputes are not resolved, a chargeback may occur. You are responsible for all chargebacks, our chargeback fees and related costs arising from your transactions. As a result, we will debit your settlement account or settlement funds for the amount of each chargeback.
Due to the short time frames and the supporting documentation necessary to successfully (and permanently) reverse a chargeback in your favor, we strongly recommend that:
- you adhere to the guidelines and procedures outlined in this guide;
- if you do receive a chargeback, investigate, and if you dispute the chargeback, submit the appropriate documentation within the required time frame;
- whenever possible, contact the cardholder directly to resolve the dispute (except with respect to a Discover Network cardholder with whom direct contact regarding the dispute is prohibited by Discover Network Card Organization Rules); and
- if you have any questions, call Customer Service.
You must not process a credit transaction once a chargeback is received, even with cardholder authorization, as the credits may not be recoverable, and you may be financially responsible for the credit as well as the chargeback. Instead, the card issuing bank will credit the cardholder’s account.
Chargeback process
If the card issuing bank submits a chargeback, we will send you a chargeback notification, which may also include a request for transaction documentation. Due to the short time requirements imposed by the payments organizations, it is important that you respond to a chargeback notification and transaction documentation request within the time frame set out in the notification.
Upon receipt of a transaction documentation request, you must immediately retrieve the requested sales draft(s) using the following guidelines:
- make a legible copy, centered on 8-1/2 x 11-inch paper (only 1 sales draft per page);
- write the ‘case number’ from the request for transaction documentation on each copy/page;
- if applicable, make copies of a hotel folio, car rental agreement, mail/phone/Internet order form, or other form of receipt;
- if a credit transaction has been processed, make a copy of the credit draft;
- letters are not acceptable substitutes for sales drafts;
- fax or mail legible copies of the sales draft(s) and credit drafts, if applicable, to the fax number or mail address provided on the request form;
- if you fax your response, please (i) set your fax machine to print your fax number and name on the documents that you send, and (ii) set the scan resolution on your fax machine to the highest setting. We can use this information to help determine where the documentation received originated from if additional research is required, and the higher resolution setting improves the clarity of characters and graphics on the documentation transmitted and helps reduce the number of illegible fulfillments and chargebacks.
We strongly recommend that you also include a detailed rebuttal letter along with all pertinent documents when responding to a transaction request or a chargeback notification (for example, rental agreement, imprinted portion of the invoice or sales draft; the portion signed by the cardholder; and the area where the authorization codes, with amounts and dates, are located).
If the information you provide is both timely and, in our sole discretion, sufficient to warrant a re-presentment of the transaction or reversal of the chargeback, we will do so on your behalf. However, a re-presentment or reversal is ultimately contingent upon the card issuing bank and /or cardholder accepting the transaction under applicable payment organization guidelines. Re-presentment or reversal is not a guarantee that the chargeback has been resolved in your favor.
If we do not receive a clear, legible and complete copy of the transaction documentation within the timeframe specified on the request, you may be subject to a chargeback for “non-receipt” for which there is no recourse.
If you do not dispute the chargeback within the time limits set by the payments organization rules and regulations, you will forfeit your reversal rights. Our only alternative, which is available for Visa and Mastercard transactions only, is to attempt a “good faith collection” to the card issuing bank on your behalf for non-fraud chargeback reason codes. This process can take up to 6 months and must meet the card issuing bank’s criteria (for example, at or above a set dollar amount). Good faith collection attempts are not a guarantee that any funds will be collected on your behalf. Card issuing banks normally charge good faith collection fees, which are deducted from the transaction amount if accepted in addition to any processing fees that are charged by us.
The card issuing bank may charge a handling fee which will be debited from your settlement account or settlement funds if a transaction documentation request results from a discrepancy between the sales draft and the transmitted record regarding any of the following:
- the name of your business;
- the city, state, or country listed for your business;
- the transaction date.
Visa: If we reverse the chargeback and re-present the transaction to the card issuing bank, the card issuing bank, at its sole discretion, may elect to submit the matter for arbitration before Visa. Visa currently charges a $250 filing fee and a $250 review fee. Whether or not a decision is made in your favor, you will be responsible for all such fees and charges and any other applicable fees and charges imposed by Visa. Such fees and charges will be debited from your settlement account or settlement funds, in addition to the chargeback.
STAR®: If we reverse the chargeback and re-present the transaction to the card issuing bank, the card issuing bank, at its sole discretion, may elect to submit the matter for arbitration before STAR. Whether or not a decision is made in your favor, you will be responsible for all fees and charges relating to that arbitration and any other applicable fees and charges imposed by STAR. Such fees and charges will be debited from your settlement account or settlement funds, in addition to the chargeback.
Mastercard: If we reverse the chargeback and re-present the transaction to the card issuing bank, the card issuing bank, at its sole discretion, may elect to resubmit the chargeback. In such event, at our discretion, we will debit your settlement account or settlement funds for the chargeback. However, if you feel strongly that it is an invalid chargeback, we may, on your behalf and at your request, submit the matter for arbitration before Mastercard. Mastercard currently charges a $150 filing fee and a $250 review fee. Whether or not a decision is made in your favor, you will be responsible for all such fees and charges, and any other charges imposed by Mastercard. Such fees and charges will be debited from your settlement account or settlement funds, in addition to the chargeback.
Discover Network: If Discover Network rejects our re-presentment request and you feel strongly that the chargeback is invalid, we may, at our discretion and on your behalf and at your request, submit the matter for dispute arbitration before Discover Network. Discover Network charges Acquirers fees for re-presentment requests and matters submitted to Discover Network for arbitration We, In turn, may charge you fees for these items.
PayPal: If PayPal rejects our re-presentment request and you feel strongly that the chargeback is invalid, we may, at our discretion and on your behalf and at your request, submit the matter for dispute arbitration before PayPal. PayPal charges Acquirers fees for re-presentment requests and matters submitted to PayPal for arbitration. We, in turn may charge you fees for these items.
American Express: You may request a chargeback reversal if the chargeback was applied in error, provided that (i) you have responded to the original inquiry within the specified timeframe set out in your dispute notification, and (ii) you have provided all supporting documentation to substantiate the error.
Alipay: Refer to appendix 5.
Chargeback reasons
The following section outlines the most common types of chargebacks. This list is not exhaustive. Within each group, we have included recommendations on how to reduce the risk of chargebacks. These are recommendations only, and do not guarantee that you will eliminate chargebacks.
Chargebacks due to authorization
Description
Proper authorization procedures were not followed, and valid authorization was not obtained.
Likely scenario
- authorization not obtained.
- authorization was declined.
- transaction processed with an expired card and authorization was not obtained.
- transaction processed with an invalid account number and authorization was not obtained.
- Card Recovery Bulletin (CRB) or Exception File was not checked (transactions below floor limit).
Recommendations to reduce risk of chargeback
- obtain valid authorization on the day of the transaction.
- if you receive the following responses:
- decline – request another form of payment from the cardholder;
- referral – follow the voice procedures to obtain a valid authorization and obtain an imprint of the card;
- “Pick-up” – this means that the card issuing bank is asking for the card to be returned
- you must not accept the card for payment, and, in addition, you may retain the card and send it to us so that we can arrange for its return to the card issuing bank.
- you must not exceed any predetermined thresholds for specific POS device types as specified by each payments
- you must ship goods within the timeframe set out in section 19, after you have obtained authorization.
Chargebacks due to cancellation and returns
Description
Credit was not processed properly, or the cardholder has canceled or returned items.
Likely scenario
- Cardholder received damaged or defective merchandise.
- Cardholder continued to be billed for canceled recurring transaction.
- Credit transaction was not processed.
Recommendations to reduce risk of chargeback
- issue credit to the cardholder on the same account as the purchase in a timely manner.
- do not issue credit to the cardholder in the form of cash, check or in-store/merchandise credit as we may not be able to recoup your funds if the transaction is charged back.
- for recurring transactions ensure customers are fully aware of the conditions:
- cancel recurring transactions as soon as notification is received from the cardholder or as a chargeback, and issue the appropriate credit as needed to the cardholder in a timely manner; and
- notify the cardholder within 10 days (domestic) and 15 days (international) in advance of each billing, to allow the cardholder time to cancel the transaction.
- provide proper disclosure of your refund policy for returned/canceled merchandise, or services to the cardholder at the time of transaction. Card present, cardholder signed the sales draft containing disclosure.
- if applicable, the words “NO EXCHANGE, NO REFUND,” etc. must be clearly printed in 1/4-inch lettering on the sales draft:
- Ecommerce provide disclosure on your website on the same page as check out. Require the cardholder to click to accept prior to completion.
- Card Not Present, provide the cancellation policy at the time of the transaction.
- for any Travel & Entertainment (T&E) transaction, provide cancellation numbers to cardholders when the services are canceled.
- ensure delivery of the merchandise or services ordered to the cardholder.
- participate in recommended fraud mitigation tools.
Chargebacks due to fraud
Description
Transactions that the cardholder claims are unauthorized; the account number is no longer in use or is fictitious, or the merchant was identified as “high risk.”
NOTE: For Visa transactions, to ensure that you preserve your chargeback rights, you must:
- complete a retrieval request and provide a sales slip that contains all required data elements; and
- respond to all retrieval requests with a clear legible copy of the transaction document that contains all required data elements within the specified timeframe.
Likely scenario
- multiple transactions were completed with a single card without the cardholder’s permission.
- a counterfeit card was used and proper acceptance procedures were not followed.
- authorization was obtained; however, full track data was not transmitted.
- the cardholder states that they did not authorize or participate in the transaction.
Recommendations to reduce the risk of chargeback Card Present Transactions:
- obtain an authorization for all transactions.
- for recurring transactions ensure customers are fully aware of the conditions:
- cancel recurring transactions as soon as notification is received from the cardholder or as a chargeback, and issue the appropriate credit as needed to the cardholder in a timely manner; and
- notify the cardholder within 10 days (domestic) and 15 days (international) in advance of each billing, allowing the cardholder time to cancel the transaction.
- American Express customers have the option to receive written notification of the recurring transaction at least (10) days prior to submitting, or any time the charge amount exceeds a maximum amount that has been set by the cardholder.
- if you are utilizing an electronic device to capture card data, swipe, dip or wave all card transactions through your electronic authorization device to capture cardholder information. When applicable, ensure the displayed cardholder number matches the number on the card.
- You should avoid keying the card data into your electronic authorization device unless you are unable to capture the card data through one of the above methods. If you do key the card data into your electronic authorization device, it is highly recommended that you also key in the three- or four-digit verification code. Otherwise, you should, imprint the card using a valid imprinting device that will capture the embossed card and merchant information. You must write on the manually imprinted draft all pertinent information relating to the transaction (transaction date, dollar amount, authorization code and merchandise description) and obtain the cardholder signature if you are not participating in the No Signature program. Do not alter the imprint on the draft in any way. You are not protected from this type of chargeback by manually entering the information into the POS device.
NOTE: Do not imprint on the back of a signed sales draft. The imprint must be on the transaction document that contains all transaction elements to prove the card was present at the time of the transaction.
If you are not participating in the No Signature program:
- Obtain the cardholder signature for all transactions; ensure the signature on the sales draft matches the signature on the back of the card.
- Process all transactions one time and do not batch out transactions multiple times.
- Educate staff on procedures to eliminate point of sale (POS) fraud.
Card Not Present Transactions:
- Ensure delivery of the merchandise or services ordered to the cardholder.
- Participate in recommended fraud mitigation tools:
- Verified by Visa Program
- Mastercard SecureCode
- Address Verification Services (AVS)
- Use of card verification code
NOTE: While transactions utilizing these tools may still be disputed, the service may assist you with your decision to accept certain cards for payment.
- ensure you ship to the AVS confirmed address (bill to and ship to must match).
- obtain authorization for all transactions.
- ensure merchant descriptor matches the name of the business and is displayed correctly on the cardholder statement.
- ensure descriptor includes correct business address and a valid customer service number.
- please refer to Appendix 2 for American Express fraud mitigation tools.
Chargebacks due to cardholder disputes
Description
Goods or services not received by the cardholder, Merchandise defective or not as described.
Likely scenario
- Services were not provided, or merchandise was not received by the cardholder.
- Cardholder was charged prior to merchandise being shipped or merchandise was not received by agreed upon delivery date or location.
- Cardholder received merchandise that was defective, damaged, or unsuited for the purpose sold, or did not match the description on the transaction documentation/verbal description presented at the time of purchase.
- Cardholder paid with an alternate means and their card was also billed for the same transaction.
- Cardholder canceled service or merchandise and their card was billed.
- Cardholder billed for a transaction that was not part of the original transaction document.
- Cardholder claims to have been sold counterfeit goods.
- Cardholder claims the merchant misrepresented the terms of sale.
Recommendations to reduce such risk of chargeback
- provide Services or Merchandise as agreed upon and described to the cardholder; clearly indicate the expected delivery date on the sales receipt or invoice.
- contact the cardholder in writing if the merchandise or service cannot be provided or is delayed and offer the cardholder the option to cancel if your internal policies allow.
- if the cardholder received defective merchandise or the merchandise received was not as described; resolve the issue with the cardholder at first contact.
- if the merchandise is being picked up by the cardholder, have them sign for the merchandise after inspecting that it was received in good condition.
- do not charge the cardholder until the merchandise has been shipped, according to the agreed upon terms, and a signed Proof of Delivery from the cardholder is obtained.
- if unable to provide services or merchandise, issue a credit to the cardholder in a timely manner.
- accept only one form of payment per transaction. Ensure the cardholder is only billed once per transaction.
- do not bill cardholder for loss, theft or damages unless authorized by the cardholder.
- ensure that a description of the service or merchandise provided is clearly defined.
Chargebacks due to processing errors
Description
Error was made when transaction was processed, or it was billed incorrectly.
Likely scenario
- the transaction was not deposited within the payments organization specified timeframe.
- the cardholder was issued a credit draft. However, the transaction was processed as a sale.
- the transaction was to be processed in a currency other than the currency used to settle the transaction.
- the account number or transaction amount used in the transaction was incorrectly entered.
- a single transaction was processed more than once to the cardholder’s account.
- the cardholder initially presented the card as payment for the transaction. However, the cardholder decided to use an alternate form of payment.
- a limited amount or self-service terminal transaction was processed for an amount over the pre-determined limit.
Recommendations to reduce risk of chargeback
- process all transactions within the payments organization specified timeframes.
- ensure all transactions are processed accurately and only one time.
- if a transaction was processed more than once, immediately issue voids, transaction reversals or credits.
- ensure that credit transaction receipts are processed as credits and sale transaction receipts are processed as sales.
- ensure all transactions received a valid authorization approval code prior to processing the transaction. Also obtain a legible magnetic swipe or imprinted sales draft that is signed.
- do not alter transaction documentation or make any adjustments unless the cardholder has been contacted and agrees to modifications of the transaction amount.
- ensure limited amount, self-service and automated fuel dispenser terminals are set properly to conform to the predetermined limits.
Chargebacks due to non-receipt of information
Description
Failure to respond to a retrieval request or the cardholder does not recognize the transaction.
Likely scenario
- the transaction documentation was not provided to fulfill the retrieval request.
- the retrieval request was fulfilled with an illegible sales draft or was an invalid fulfillment (incorrect sales draft or the sales draft did not contain required information that may include signature if you are not participating in the No Signature Required program).
- the cardholder does not recognize or is unfamiliar with the transaction due to the merchant name or location not matching the name or location where the transaction took place.
Recommendations to reduce such risk of chargeback
- provide a clear and legible copy of the sales draft that contains all required data elements within the required timeframe that is specified on the retrieval request.
- ensure that the most recognizable merchant name, location and customer service phone number is provided on all transactions.
- retain copies of all transaction documentation for the required timeframe that is specified by each payments organization.
- develop efficient methods to retrieve transaction documentation to maximize ability to fulfill requests.
- Suspect/Fraudulent Transactions
If the card being presented or the behavior of the person presenting the card appears to be suspicious or you otherwise suspect fraud, you must immediately call the Voice Authorization Center and ask to speak to a Code 10 operator. Answer all their questions and follow their instructions.
While not proof that a transaction is fraudulent, the following are some suggestions to assist you in preventing fraudulent transactions that could result in a chargeback:
Does the cardholder:
- appear nervous/agitated/hurried?
- appear to be making indiscriminate purchases (for example, does not care how much an item costs, the size, etc.)?
- make purchases substantially greater than your usual customer (for example, your average transaction is $60, but this transaction is for $360)?
- insist on taking the merchandise immediately (for example, no matter how difficult it is to handle, is not interested in free delivery, alterations, etc.)?
- appear to be purchasing an unusual amount of expensive items or the same items?
- take an unusual amount of time to sign the sales draft, or look at the back of the card as he signs?
- take the card from a pocket instead of a wallet?
- repeatedly come back, in a short amount of time or right before closing time, to make additional purchases?
- cause an unusual, sudden increase in the number and average sales transactions over a one-to three-day period?
- tell you he has been having some problems with his card issuing bank and request that you call a number (that he provides) for a “special” handling or authorization?
- have a previous history of disputed charges?
- place orders to be shipped to an address other than the billing address, or use anonymous/free email domains?
- place orders sent to zip codes or countries where you show a history of fraudulent claims?
Does the card:
- have characters the same size, height, style and all within alignment?
- appear to be re-embossed (the original numbers or letters may be detected on the back of the card)?
- have a damaged hologram?
- have a Magnetic Stripe on the back on the card?
- have “valid from” (effective) and “valid thru” (expiration) dates consistent with the sale date?
We also recommend that you are vigilant for any cardholder who behaves as follows, specifically in relation to prepaid cards:
- frequently makes purchases and then returns the goods for cash;
- uses prepaid cards to purchase other prepaid cards;
- uses large numbers of prepaid cards to make purchases.
Gift Cards, jewelry, video, stereo, computer and camera equipment, shoes and men’s clothing are typically fraud-prone because they can easily be resold. Also be suspicious of high dollar amounts and transactions with more than one fraud prone item, (for example, two laptops, three gold chains, etc.).
Part III
In this part of the guide you’ll find helpful information about what to do if a card is left at your business, how long you must retain copies of records, how to return equipment and important transaction timeframes. This is also where you’ll find additional guidelines for specific industries including:
- Lodging
- Vending machines
- Travel & Entertainment
- Telecommunications
- Restaurants
- Petroleum
If you’d like additional information about anything you’ve read in Your Payments Acceptance Guide, please contact Customer Service.
- Lost/Recovered Card
If a card is left behind and remains unclaimed, you should call the appropriate payment organization’s Customer Service team via the number below and they will instruct you on how to handle it:
Visa | 1-800-336-8472 |
Mastercard | 1-800-826-2181 |
Discover | 1-800-DISCOVER (1-800-347-2683) |
AMEX | 1-800-992-3404 |
PayPal | 1-877-569-1113 |
- Retention of Records
You must securely retain legible copies of all sales drafts and credit drafts or any other transaction records for the following periods:
Mastercard, Visa, and STAR: 13 months from the transaction date. 5 years for healthcare sales drafts and credit drafts.
Discover Network: the longer of (i) 365 days or (ii) the resolution of any pending or threatened disputes, claims, disagreements or litigation involving the card transaction. You must also keep images or other copies of sales drafts for no less than 3 years from the date of the Discover Network transaction.
PayPal: the longer of (i) (A) 1 year from the transaction date, or (B) if the transaction date was subject to dispute, 2 years from the transaction date or (ii) the time period required by applicable law.
American Express: 24 months from the date on which you submitted the sales draft or credit draft to us. You must provide all sales drafts and credit drafts, or other transaction records requested by us within the shortest time limits established by payment organization rules.
- Return of Equipment
To return point of sale (POS) equipment that you do not own, you must call Customer Service for the address of the location to send the device.
You must include the following information in the shipping box:
- your name, address and phone number;
- the name of the person to contact if there are any questions;
- your merchant identification number;
- the serial number of the POS device (found on the underside of the POS device).
You must return the POS device in a manner that can be tracked
- Timeframes
Authorizations
A positive (approved) authorization response remains valid for:
- seven (7) days for Mastercard electronic processed transactions;
- ten (10) days for Visa, Discover, and STAR electronic processed transactions subject to the following exception:
- thirty (30) days for Visa, Discover and PayPal, twenty (20) days for STAR for the following Industries:
- car rental;
- airline and passenger railway;
- lodging;
- other Travel & Entertainment (T&E)
- seven (7) days for American Express electronic processed transaction subject to the following exception:
- thirty (30) days for the Travel & Entertainment (T&E) industries.
Delayed deliveries
If delivery is more than:
- 7 days (Mastercard, Visa, American Express, and STAR transactions); or
- 10 days (Discover Network and PayPal transactions);
- After the initial authorization request, you must reverse the authorization for the unprocessed portion and obtain a new authorization for the remaining amount before delivery.
Refunds
You must submit all credit transactions to us within 5 days of determining that a credit is due.
- Additional Provisions for Specific Industries
Merchants in the lodging industry
There are additional rules and requirements that apply to merchants in the lodging industry for practices including guaranteed reservations and charges for no shows, advance deposits, overbookings, and priority checkout. If you are a lodging merchant and wish to participate in the payment organization lodging services programs, please contact your sales representative or relationship manager for details and the appropriate payments organization requirements.
You must provide the cardholder with written confirmation of a guaranteed reservation. The confirmation must contain:
- cardholder’s name as it appears on the card, if present;
- card number, truncated where required by applicable law to you or us and card expiration date if present, unless prohibited by applicable law to you or us;
- reservation confirmation number;
- anticipated arrival date and length of stay;
- the cancellation policy in its entirety, inclusive of the date and time the cancellation privilege expire; and
- any other pertinent details related to the reserved
If a cardholder requests a cancellation in accordance with your cancellation policy and specified time frames, you must provide the cardholder with a cancellation number and instructions to retain a record of it.
If a cardholder requests a written confirmation of the cancellation, you must provide this confirmation to the cardholder within 3 business days of such request. For the purposes of this section, a “business day” means Monday through Friday, excluding Bank holidays.
The cancellation confirmation must contain:
- the cardholder’s reference that charges were placed on the card, if applicable, or a guarantee that a “no-show” charge will not be placed on the card;
- the cardholder’s name as it appears on the card, if present;
- the card number, truncated as required by applicable law to you or us;
- the card expiration date, if present, unless prohibited by applicable law to you or us;
- the reservation cancellation number;
- the date of cancellation;
- the name of your employee that processed the cancellation; and
- any other pertinent information related to the reserved accommodations.
Pre-authorization for Travel & Entertainment (T&E) and restaurant merchants
If you are a business engaged in providing travel and entertainment services (for example, car rentals, hotels, motels, etc.) or a restaurant business, and engage in the practice of “pre-authorization” you must comply with the following general procedures:
- a hotel, motel, or car rental merchant may obtain an estimated authorization at the time of check-in.
- restaurants must not add an estimated tip amount to the authorization request beyond the value of the goods provided, or services rendered, plus any applicable tax.
- you must notify the cardholder of the dollar amount you intend to “Pre-Authorize”.
- if the customer decides to use another form of payment (for example, cash, check, etc.) you must promptly call the Voice authorization Response Unit to delete the authorization hold. Provide the cardholder’s account number, original dollar amount and date of the transaction, and the authorization code. If a new transaction takes place, a new imprinted and signed sales draft for the exact amount and a new authorization code for that amount must be obtained.
- VEHICLE RENTAL PROVIDERS MAY NOT INCLUDE POTENTIAL VEHICLE DAMAGE OR INSURANCE DEDUCTIBLES IN ANY PREAUTHORIZATIONS.
- if you receive a decline on a transaction, you must wait 24 hours before attempting to reauthorize. If you reauthorize prior to this time frame and receive an approval, you may be subject to a chargeback and a fine imposed by the payments organizations.
- hotels, motels, and car rental merchants are allowed up to a 15% variance above the amount authorized. If the final amount charged to the cardholder exceeds the original estimate by more than 15% above the preauthorization, you must authorize any additional amounts, and all incremental authorization codes must be written in the authorization area along with the date of authorization and the amount authorized.
- pre-authorization for certain establishments services, are allowed up to a 20% (instead of 15%) variance above the amount authorized. If the final amount exceeds the amount “preauthorized” by more than 20%, you must authorize the additional amount. Estimating the authorization amount to include a tip is prohibited. The authorization request must include only the amount associated with the bill presented to your customer.
- you must obtain an authorization for the initial estimated charges and then monitor the
- charges to ensure that the actual charges made do not exceed the estimated charges. If the actual charges exceed the amount of the initial estimated authorization (and any subsequent estimated authorizations), then you must secure a positive authorization for the additional amount. Subsequent authorizations must only be for the additional amount of total charges, and must not include any amounts already authorized.
- the estimated amount of any pre-authorization for lodging accommodations must be based on (i) the intended length of stay; (ii) the room rate; (iii) applicable taxes and service charges; and (iv) other miscellaneous charges as dictated by experience.
- if an authorization request is declined, no charges occurring after that date will be accepted for that cardholder.
- you do not need to obtain a final authorization if the total sum of charges (the final amount) does not exceed 20% of the previously authorized charges. You must record the dates, authorized amounts, and their respective authorization approval codes on the sales draft(s).
Merchants operating vending machines
For Mastercard, if you are operating vending machines under MCC 5499 (Miscellaneous Food Stores-Convenience Stores, Markets, Specialty Stores), you need not provide a receipt at the time a transaction is conducted. However, if a vending machine cannot provide a printed receipt, you must disclose and post instructions advising cardholders how a receipt may be obtained.
Telecommunication service providers
You must contact Customer Service for approval and further instructions, rules and requirements before conducting telecommunication transactions.
Telecommunication card sales occur when a telephone service provider is paid directly using a card for individual local or long-distance telephone calls, with the exception that prepaid telephone service cards are not and do not give rise to telecommunication card sales.
The Petroleum industry
For Visa, Mastercard, STAR, American Express, Discover, and PayPal transactions, merchants operating in the petroleum industry that conduct card sales at Automated Fuel Dispensers (AFDs), may submit an authorization request for $1 to verify the validity of the card presented. Under such circumstances, you must submit an authorization advice message for the actual amount of the card sale within 60 minutes of completion of fuel delivery regardless of whether you previously received a partial authorization response or a positive authorization response for any other amount. If you do not complete the card sale following receipt of an approved authorization response for any amount, a request to cancel the authorization request must be submitted within 60 minutes of the completion of fuel delivery.
APPENDICES
Each applicable appendix below, is applicable to you, if you are using the service or product described in it. By using the service you agree to the terms of the accompanying appendix
APPENDIX 1
ADDITIONAL PROVISIONS FOR WEX AND VOYAGER
WEX cards
If you participate in the WEX Full Service program, the following terms and conditions will apply:
DO’S
- do provide, at your own expense, all equipment necessary to permit the electronic acceptance of the WEX cards, including the operation and maintenance of the equipment, telecommunication link, and provision of all networking services.
- do include in any request for authorization the following information:
- WEX cardholder account number,
- vehicle number,
- card expiration date,
- driver identification number,
- the amount of the transaction,
- the date and time of the transaction,
- the quantity of goods sold, unit price, and product code (the “authorization Request
- Data”),
- an authorization number or other approval code from WEX for all manual WEX card sales (in other words, sales facilitated by a card imprinter).
- do ensure that the product detail of each transaction is accurate including:
- the type of goods sold,
- quantity of goods sold,
- unit price/price per gallon (if applicable),
- taxes, and
- any coupons presented.
- do ensure that the product detail outlined equals the total amount of the sale when calculated (in other words, product quantity x unit price must equal the product amount. The sum of all product amounts including taxes minus any coupons must equal the total transaction amount).
- do complete a WEX card sale only upon the receipt of an authorization approval message.
- do provide a copy of the receipt for a WEX card sales, upon the request of the cardholder, to the extent permitted by applicable law. The receipt must not include the full account number or driver identification number.
- do require the cardholder to sign a receipt when a WEX card sale is not completed by an island card reader.
- do take all commercially reasonable efforts to protect manual WEX card sales data from fraud or misuse.
- do securely maintain a record of all WEX card sales (including the authorization request data) for a period of one year. You must produce such records upon the reasonable request of WEX.
- do notify us of any errors contained in a settlement report within 45 days of receipt of such report. We will not accept reprocessing requests for WEX transactions older than 90 days.
- do allow WEX to audit records, upon reasonable advance notice, related to the WEX Full Service.
- do retransmit WEX card sales data when reasonably requested to do so.
DON’TS
- Don’t submit a WEX card sale for processing unless a WEX card is presented at the time of the sale.
- Don’t accept a WEX card if an expired card / decline message is received.
- Don’t submit a WEX card sale for processing until the goods have been delivered or services performed.
- Don’t accept a WEX card if it appears to be invalid or expired or there is reasonable belief that the WEX card is counterfeit or stolen.
- Don’t divide the price of goods and services purchased in a single WEX card sale among two or more sales receipts.
- Don’t permit a WEX card sale when only partial payment is made by use of the WEX card and the balance is paid with another bank card.
- Don’t remove fuel tax at the point of sale is not permitted. For all payment system product codes that are taxable, the transaction dollar amount and price per gallon (PPG) must contain the sum of the fuel cost and PPG inclusive of all applicable Federal, State, County, Local and other fuel taxes.
You acknowledge and agree that your sole remedies with respect to the WEX Full Acquiring services will be against us and not WEX, except to the extent that WEX knows of any fraud related to the WEX cards and fails to provide notice of such fraud or WEX commits fraud in respect to the WEX Full Acquiring Services.
Voyager cards
- You must check Fleet Cards for any printed restrictions at the point of sale.
- You must establish a fair policy for the exchange and return of merchandise.
- You must promptly submit credits to us for any returns that are to be credited to a Voyager cardholder’s account.
- You must not give any cash refunds to any Voyager card holder in connection with a sale, unless required by law.
In addition to the information set out in Section 11 (Sales Drafts), you must include the following information on a single page document constituting the sales draft for Voyager transactions:
- all authorization request data for Voyager card sales must include the following:
- Voyager cardholder account number,
- card expiration date,
- driver identification number; and
- the amount of the transaction, date and time of the transaction,
- quantity of goods sold, unit price, and product code (the “Authorization Request Data”).
- all manual Voyager card sales (in other words, sales facilitated by a card imprinter) must include:
- the Authorization Request Data,
- an authorization number or other approval code from Voyager,
- the type of goods sold, quantity of goods sold, unit price/price per gallon (if applicable), taxes, and
- any coupons presented within the product.
- the product detail outlined must equal the total amount of the sale when calculated, in other words:
- product quantity x unit price must equal product amount.
- the sum of all product amounts including taxes minus any coupons must equal the total transaction amount.
You must not remove fuel tax at the point of sale. For all payment system product codes that are taxable, transaction dollar amount and price per gallon (PPG) must contain the sum of the fuel cost and PPG inclusive of all applicable Federal, State, County, Local and other fuel taxes.
If there is an increase of 15% or more compared to the previous month in the number of Voyager transaction authorization calls that are not due to our or Voyager system outages, we may, at our discretion, deduct telephone charges from the settlement of your Voyager transactions. Fees will not exceed $0.25 per call.
Settlement of Voyager transactions will generally occur by the fourth banking day after we process the applicable card transactions. We will reimburse you for the dollar amount of sales you submit for a given day, reduced by the amount of chargebacks, tax exemptions, discounts, credits, and the fees set out in the Agreement You must notify us of any errors contained with the settlement reports within 30 calendar days of receipt of such report. Neither we nor Voyager will be required to reimburse you for sales submitted more than 60 calendar days from the date of purchase.
For daily transmission of sales data, you must securely maintain true and complete records for a period of not less than 36 months from the date of the generation of the data. You may store records on electronic media, if secure. You are responsible for the expense of retaining sales data records and sales drafts.
APPENDIX 2 ADDITIONAL PROVISIONS FOR AMERICAN EXPRESS TRANSACTIONS
For merchants participating in the American Express OptBlue® Program, you should review the operating guide made available to you at
www.americanexpress.com/merchantopguide .
Treatment of the American Express marks
Whenever payment methods are communicated to customers, or when customers ask what payments are accepted, you must indicate your acceptance of the American Express card and display the American Express marks (including any card application forms provided to you) as prominently and in the same manner as any other payment products.
You must not use the American Express marks in any way that injures or diminishes the goodwill associated with the mark, nor (without our prior written consent) indicate that American Express endorses your goods or services.
You must only use the American Express marks as permitted. You must cease using the American Express marks upon termination of your acceptance of American Express cards.
For additional guidelines on the use of the American Express marks, please contact Customer Service.
Treatment of American Express cardholder Information
Any and all cardholder information is confidential and the sole property of the card issuing bank, American Express or its affiliates. Except as otherwise specified, you must not disclose cardholder Information, nor use nor store it, other than to facilitate transactions at your establishments in accordance with the terms on which you are authorized to accept American Express cards.
Authorization for Card Not Present transactions
If you process a Card Not Present transaction you must obtain the following information:
- the card number;
- the card expiration date;
- the cardholder’s name as it appears on the card;
- the cardholder’s billing address; and
- the delivery address if different from the billing address. In addition, for Internet transactions you must:
- use any separate merchant identification numbers (Seller ID) established for your Internet orders in all of your requests for authorization and Submission of charges;
- provide us with at least one (1) month’s prior written notice of any change in your Internet address; and
- comply with any additional requirements that American Express provides from time to time.
American Express has the right to chargeback for any Card Not Present transaction that the cardholder denies making or authorizing. However, American Express will not chargeback for any Card Not Present transaction based solely upon a claim by a cardholder that he or she did not receive the disputed goods if you have:
- verified the address to which the goods were shipped was the cardholder’s full billing address; and
- provided proof of delivery signed by the cardholder or an authorized signer of the card indicating the delivery of the goods or services to the cardholder’s full billing address.
American Express will not be liable for actual or alleged fraudulent transactions over the Internet and will have the right to chargeback for those charges.
If a disputed transaction arises involving a card not present transaction that is an Internet electronic delivery transaction, American Express may exercise a chargeback for the full amount of the transaction and place you in any of its chargeback programs.
Charge records (also known as ‘sales drafts’)
For each transaction submitted:
- electronically – you must create an electronically reproducible charge record; and
- on paper – you must create a charge record containing all of the following required data: – full card number and expiration date, and if available, cardholder name;
- the date the transaction was incurred;
- the amount of the transaction, which must be the total price for the purchase of goods and services (plus applicable taxes and gratuities) purchased on the card;
- the authorization approval;
- a clear description of the goods and services purchased by the cardholder;
- an imprint or other descriptor of your name, address, merchant identification number and, if applicable, store number;
- the words “No Refunds” if you have a no refund policy, and your return and cancellation policies; and
- the cardholder’s signature (if a Card Present transaction and you are not participating in the No Signature Program), or the words “telephone order,” “mail order,” “Internet Order,” or “signature on file,” as applicable (if a Card Not Present transaction).
In the charge record (and a copy of the customer’s receipt) you must:
- include your return and cancellation policies; and
- mask truncated card number digits with replacement characters such as “x,” “*” or “#,” and not blank spaces or
If the cardholder wants to use more than one card for payment of a purchase, you may create a separate charge record for each card used. However, if the cardholder is using a single card for payment of a purchase, you must not divide the purchase into more than one transaction, and you must not create more than one charge record.
Refunds
To issue a refund you must:
- compare the last four digits on the charge record against the card presented (when applicable);
- issue the credit in the currency in which the original transaction was submitted to us; and
- issue the credit to the card used to make the original purchase. If the credit is for the return of a gift by someone other than the cardholder who made the original purchase, you must apply your usual refund policy.
If the cardholder indicates that the card on which the purchase was originally made is no longer active or available:
- for all cards except prepaid cards – advise the cardholder that you must issue the credit to that card; and if the cardholder has questions, advise him or her to call the customer service number on the back of the card in question; and
- for prepaid cards, do apply your usual refund policy for returns.
In the credit draft delivered to the cardholder you must mask truncated card number digits with replacement characters such as “x,” “*” or “#,” and not blank spaces or numbers.
Your refund policy for card transactions must be at least as favorable as your refund policy for purchases made with other payment products or other payment methods.
If you issue a credit, American Express will not refund the discount or any other fees or assessments previously applied on the corresponding transaction. The discount on chargebacks will not be refunded.
Fraud mitigation tools
American Express offers fraud mitigation tools for both Card Present and Card Not Present transactions to help verify that a transaction is valid. These tools help you mitigate the risk of fraud at the point of sale, but are not a guarantee that a transaction is in fact valid or bona fide, or that you will not be subject to a chargeback. For optimal use of the tools, please visit American Express’ Fraud Prevention Information at: www.americanexpress.com/fraudinfo.
Recurring transactions
For recurring transactions you must offer the cardholder the option to receive written notification for the recurring transaction(s) at least (10) ten days prior to submitting, or any time the transaction amount exceeds a maximum amount that has been set by the cardholder. You must clearly and conspicuously disclose all material terms of the option, including, if applicable, the fact that recurring billing will continue until the option is canceled by the cardholder. If the material terms of the option change after submission of the first recurring transaction, you must promptly notify the cardholder in writing of such change and obtain the cardholder’s express written consent to the new terms prior to submitting another recurring transaction.
For recurring transactions, you must:
- periodically verify with cardholders that their information (for example, card number, expiration date, billing address) is still accurate. This will improve the likelihood of obtaining an approval to an authorization request;
- retain evidence of consent to receive updated card account information from the card issuing bank for 24 months from the date you submit the last recurring transaction.
- ensure that your process for cancellation of recurring transactions is simple and expeditious; and
- within 24 hours of incurring the first recurring billing transaction, provide the cardholder written confirmation (for example, email or facsimile) of such transaction, including all material terms of the option and details of your cancellation/refund policy.
If your recurring transaction amounts vary, you must offer the cardholder the right to receive written notification of the amount and date of each recurring transaction:
- at least ten (10) days before submitting each transaction; or
- whenever the amount of the transaction exceeds a maximum recurring transaction amount specified by the cardholder.
For more information about processing prepaid cards:
- call the customer service number on the back of the card in question; or
- see American Express Card Organization Rules regarding “additional authorization requirements.”
No Signature Required program
You may participate in the No Signature Required program under which you are not required to request a signature from cardholders on the transaction record provided that:
- your business is classified in an industry that accepts in-person charges, with the exception of the following categories:
- Merchants who do not conduct in-person charges (in other words, Internet, mail order or telephone order).
- prohibited merchants or prohibited transactions (or both) as defined in American Express Card Organization Rules regarding “risk ”
- high-risk Merchants (for example, Internet electronic services or nightclubs/lounges) as defined in American Express Card Organization Rules regarding “high risk merchants.
- Merchants placed in our Fraud Full Recourse program. See American Express Card Organization Rules regarding “chargeback programs”.
- in relation to the transaction:
- the transaction amount must meet the threshold established in American Express’ country specific policy.
- the transaction must include the appropriate indicator to reflect that the card and the Cardholder were present at the point of sale.
- the transaction must include a valid approval.
Under the American Express No Signature Required program, chargebacks will not be exercised for such charges based solely on your failure to obtain the cardholder’s signature at the point of sale.
If a disproportionate number of disputed charges under the No Signature Required Program occur, you must cooperate to reduce the number of disputed charges. If such efforts fail, you may be placed in American Express chargeback programs, or your participation in the No Signature Required Program may be modified or terminated.
Travelers cheques
Travelers cheques are available in various denominations and currencies. The denominations in US dollars range from $20 to $1000.
You must exercise caution when presented with a traveler’s cheque in a denomination of
$500 or greater. The higher denominated travelers’ cheques are rarely sold, and so more likely to be counterfeit.
To accept a traveler’s cheque, watch your customer countersign in the lower left corner of the traveler’s cheque, and compare the countersignature to the signature in the upper left corner of the traveler’s cheque.
- if the signature and countersignature are a reasonable match (they look alike, but may not be identical), you may accept the cheque and there is no need to obtain any identification.
- if you suspect that the countersignature may be false, or you did not watch the customer countersign, ask your customer to turn the cheque over and sign again across the left-hand side (in the same manner one typically endorses a check); then take the
- cheque and fold up the bottom right-hand corner so that you can compare the original signature with the new one.
- if the signatures are not the same, or you have any questions regarding the validity of the cheque, call Customer Service.
- if you suspect that the travelers cheque may be fraudulent, verify that the cheque is authentic by:
- performing the smudge test. Turn the cheque over (non-signature side). Wipe a moistened finger across the denomination.
- on the right side of the cheque, the ink should not smudge.
- on the left side of the cheque, the ink should smudge.
- obtaining online Authorization at americanexpress.com/verifyamextc.
You are not required to obtain authorization before accepting a travelers cheque.
High CV Merchants
You acknowledge that you will be converted from the American Express US Enhanced Acquisition Program to a direct card acceptance relationship with American Express if and when you become a ‘High CV Merchant’ in accordance with the American Express Card Organization Rules. As part of this acknowledgment you agree that upon conversion: (i) you will be bound by American Express’ then-current agreement for card acceptance; and
(ii) American Express will set pricing and other fees payable by you for card acceptance.
A “High CV Merchant” is a Program Merchant with Estimated Annual Charge Volume (ECV) of greater than (i) United States currency (USD) $1,000,000 in the United States excluding Puerto Rico and the U.S. Virgin Islands or (ii) USD $1,000,000 in Puerto Rico and the U.S. Virgin Islands. Where a Program Merchant Prospect has more than one Establishment, then the ECV of (i) all Establishments operated under the same tax identification number (TIN) in a region shall be aggregated or (ii) all Establishments operated under different TINs but as a unified business enterprise in a region shall be aggregated. For clarification purposes, a ‘unified business enterprise’ shall include Establishments that are owned, operated, or affiliated to a single business entity.
Marketing opt-outs
You agree that when providing your contact information to us that you may receive messages from American Express, including important information about American Express products, services, and resources available to your business. These messages may be sent to the mailing address, phone numbers, email addresses or fax numbers that you provide. If you provide a wireless phone number, you agree that you may be contacted at that number and the communications sent may include autodialed short message service (SMS or “text”) messages or automated or pre-recorded calls. If you provide a fax number, you agree that you may be sent fax communications. American Express may otherwise use and share your information for business purposes and as permitted by applicable law. American Express uses reasonable administrative, technical and physical security measures to protect your information consistent with the sensitivity of the information.
You may opt out of newsletters or messages about products, services and resources for different forms of communications by contacting us, via inbound telephone, email, facsimile, website and any other means identified by us, or by exercising the opt-out options that may be described or offered in emails, SMS messages, faxes or other communications. If you opt out, you may still receive messages from American Express regarding services and programs designed to enhance the value of the American Express Network.
PROTECTING AMERICAN EXPRESS CARD MEMBER INFORMATION
These merchant data security requirements apply to all of your equipment, systems, and networks on which encryption keys, cardholder data and/or sensitive authentication data are stored, processed, or transmitted.
Standards for protection of cardholder data and sensitive authentication data
You must, and you must ensure that all of your employees, agents, representatives, subcontractors, processors, service providers, providers of point-of-sale equipment or systems or payment processing solutions, and any other party to whom you may provide card member information access, will:
- store American Express cardholder data only to facilitate transactions for your acceptance of American Express cards;
- comply with the current version of the PCI DSS, no later than the effective date for implementing that version; and
- use, when deploying new or replacement PIN entry devices or payment applications (or both), only those that are PCI-approved.
You must protect all charge records and credit records retained in accordance with these data security provisions.
You must use these records only for purposes of your acceptance of American Express cards and you must safeguard the records accordingly.
Data incidents
If you discover a data incident, you must:
- notify us immediately and in no case later than 24 hours after such discovery;
- conduct a thorough forensic investigation of each data incident; this must be conducted by a PCI forensic investigator (PFI) if the data incident involves 10,000 or more unique card numbers (or otherwise at our request);
- promptly provide to us all compromised card numbers and the forensic investigation report of the data incident;
- work with us to rectify any issues arising from the data incident, including consulting with us about your communications to card members affected by the data incident and providing (and obtaining any waivers necessary to provide) to us all relevant information to verify your ability to prevent future data incidents; and
- at our request, provide validation by a qualified security assessor (QSA) that the deficiencies have been remediated.
- Forensic investigation reports must:
- include forensic reviews, reports on compliance, and all other information related to the data incident;
- identify the cause of the data incident;
- confirm whether or not you were in compliance with the PCI DSS at the time of the data incident: and
- verify your ability to prevent future data incidents by providing a plan for remediating all PCI DSS deficiencies.
American Express has the right to disclose information about any data incident to card members, issuers, other participants on the American Express network, and the general public as required by applicable law, by judicial, administrative, or regulatory order, decree, subpoena, request, or other process; in order to mitigate the risk of fraud or other harm; or otherwise to the extent appropriate to operate the American Express network.
Periodic validation of your systems
You must take steps to validate under PCI DSS annually and quarterly the status of your equipment, systems and networks (and their components) on which cardholder data and sensitive authentication data are stored, processed or transmitted.
Step 1 – Enroll in a compliance program
You must submit applicable periodic validation documentation to us. Please contact us for more information regarding data security compliance requirements.
Step 2 – Determine merchant level and validation requirements
Most merchant levels are based on the volume of transactions submitted by establishments. You will fall into one of the merchant levels specified in the following table:
Merchant Level | Definition | Validation Documentation | Requirements |
1 | 2.5 million transactions or more per year; or any merchant that American Express otherwise deems a level 1 merchant | Annual on-site security assessment report and quarterly network scan
| Mandatory |
2 | 50,000 to 2.5 million transactions per year
| Annual self-assessment questionnaire (SAQ) and quarterly network scan | Mandatory |
3 | Less than 50,000 transactions per year | Annual SAQ and quarterly network scan | Strongly recommended |
3- | Less than 50,000 transactions per year and designated a level 3 merchant by American Express | Annual SAQ and quarterly network scan | Mandator |
- As designated by American Express.
American Express may require certain level 3 merchants to enroll in American Express’ compliance program. Such merchants must enroll no later than ninety (90) days following receipt of such notice from us. All other level 3 merchants need not submit validation documentation but must comply with all other provisions of these data security provisions.
The validation documentation which you must send to us is as follows:
Annual onsite security | Annual self-assessment | Quarterly network scans |
This is a detailed onsite examination of your equipment, systems, and networks (and their components) where cardholder data or sensitive authentication data (or both) are stored, processed, or transmitted. YOU MUST:(i) ensure that the annual onsite security assessment is performed by (i) a QSA, or (ii) you and certified by your chief executive officer, chief financial officer, chief information security officer or principal; (ii) submit the AOC section of the SAQ annually to us, and include copies of the full SAQ upon request; and (iii) ensure that the AOC certifies compliance with all requirements of the PCI DSS. | This is a process using the PCI DSS self-assessment questionnaire (SAQ) that allows self-examination of your equipment, systems, and networks (and their components) where cardholder data or sensitive authentication data (or both) are stored, processed, or transmitted. YOU MUST: (i) ensure that the SAQ is performed by you and certified by your chief executive officer, chief financial officer, chief information security officer or principal; (ii) submit the AOC section of the SAQ annually to us, and include copies of the full SAQ upon request; and (iii) ensure that the AOC of the SAQ certifies compliance with all requirements of the PCI DSS. | The quarterly network scan is a process that remotely tests your internet-connected computer networks and web servers for potential weaknesses and vulnerabilities. YOU MUST:(i) ensure that the quarterly network scan is performed by an approved scanning vendor (ASV); (ii) complete and submit the ASV scan report attestation of scan compliance (AOSC) or executive summary of findings of the scan (and copies of the full scan, on request) quarterly to us; (iii) ensure that the AOSC or executive summary certifies that (i) the results satisfy the PCI DSS scanning procedures, no high-risk issues are identified, and (iii) the scan is passing or compliant.
|
Step 3 – Send the validation documentation to Participant
Compliance and validation are completed at your expense. By submitting validation documentation to us, you represent and warrant to us that you are authorized to disclose the information contained in it and are providing the validation documentation without violating any other party’s rights.
Merchants not compliant with PCI DSS
If you are not compliant with the PCI DSS, then you must:
- complete and submit an AOC including “Part 4. Action Plan for Non-Compliant Status” to us;
- designate a remediation date, not to exceed twelve (12) months following the date of the AOC, for achieving compliance; and
- provide us with periodic updates of your progress toward remediation under the “Action Plan for Non-Compliant Status.”
Non-validation fees and termination of right to accept cards
We have the right to impose non-validation fees on you and terminate your right to accept cards if you do not fulfill these requirements or fails to provide the mandatory validation documentation to us by the applicable deadline.
APPENDIX 3
SPECIAL PROVISIONS FOR DISCOVER NETWORK
DISCOVER NETWORK PROTOCOL FOR INTERNET TRANSACTIONS
Each Internet Discover Network card transaction accepted by you and submitted to us shall comply with Discover Network standards, including Discover Network standards governing the formatting, transmission and encryption of data, referred to as the “designated protocol”.
You shall accept only those Internet Discover Network card transactions that are encrypted in accordance with the designated protocol. As of the date of these procedures, the designated protocol for the encryption of data is Secure Socket Layer (SSL).
We may, at our discretion, withhold Settlement until security standards can be verified. However, the designated protocol, including any specifications with respect to data encryption, may change at any time upon 30 days advance written notice. You shall not accept any Internet Discover Network card transaction unless the transaction is sent by means of a browser that supports the designated protocol.
AUTHORIZATIONS
Card Not Present Transactions
For Discover Network Card Not Present transactions, you must also verify the name and billing address of the Discover Network cardholder using the Address Verification System (AVS).
Discover Network procedure for request for cancellation of authorization
If a Discover Network or PayPal card sale is canceled or the amount of the transaction changes following your receipt of authorization for the sale, you must process an authorization reversal via your POS Device or, for voice-approved authorizations, call your Authorization Center directly and request a cancellation of the authorization. An authorization may be canceled at any time within 10 days of your receipt of the authorization, but must be canceled before the sales data relating to the transaction is submitted to us, after which the authorization cannot be changed. For an authorization cancellation, you must provide us with the following information, in this order:
- the Discover Network Merchant Number used in the authorization;
- the card number;
- the original amount of the authorization being canceled;
- the new amount of the total transaction (if any);
- the original authorization code for the authorization being canceled;
- the expiration date of the card; and
- a brief reason for the authorization cancellation.
Discover Network Cash Over Transactions
Cash over transactions are only available for Discover Network.
You may issue cash over in connection with a Discover Network card sale, provided that you comply with the terms on which you are authorized to accept cards, including the following requirements:
- you must deliver to us a single authorization request for the aggregate total of the goods/services purchase amount and the cash over amount of the card sale. You may not submit separate authorization requests for the purchase amount and the cash over amount;
- the sales draft must include both the purchase amount and the cash over amount, and you may not use separate sales drafts for the purchase amount and cash over amount;
- cash over may only be offered with a Card Present card sale that includes a purchase of goods or services by the cardholder. You must not issue cash over as a stand-alone transaction. If you offer cash over, you may require the total amount of a card sale with a credit product, including cash over, to meet a minimum transaction amount of up to
- $10. You must not assess or charge fees of any type or amount, including any surcharges, on cash over transactions. You must not include in cash over transactions any of the fees or charges applicable to cash advances;
- cash over may not be dispensed in connection with credits, cash advances, or any card sale for which you are unable to electronically capture Track Data using the POS device; and
- the maximum amount of cash that you may issue as cash over is $100.
Cash over may not be available in certain markets. Contact us for further information.
APPENDIX 4
SPECIAL PROVISIONS FOR PAYPAL
PAYPAL DOES NOT PERMIT THE FOLLOWING TRANSACTION TYPES:
PayPal does not permit internet (ecommerce), mail order, manually key-entered, cash type transactions (including, cash over, cash advance or quasi cash transactions), or international/non-U.S. currency transactions. Contact us for further information related to these transaction types.
AUTHORIZATIONS
PayPal procedure for request for cancellation of authorization
If a PayPal card sale is canceled or the amount of the transaction changes following your receipt of authorization for the sale, you must process an authorization reversal via your POS Device.
PayPal Sublicense to Use PayPal Marks.
You are prohibited from using the PayPal Marks, as defined below, other than as expressly authorized in writing by us. “PayPal Marks” means the brands, emblems, trademarks, or logos that identify PayPal acceptance. You may use the PayPal Marks only to promote PayPal products, offers, services, processing and/acceptance. Your use of the PayPal Marks is restricted to the display of decals, signage, advertising, and marketing materials provided or approved by PayPal in writing pursuant to the process set forth in the PayPal Card Organization Rules. You are not permitted to use the PayPal Marks in such a way that PayPal Account Holders could believe that the products or services offered by you are sponsored or guaranteed by the owners of the PayPal Marks. You recognize that you have no ownership rights in the PayPal Marks.
You are not permitted to assign to any third party any of the rights to use the PayPal Marks. You are prohibited from using the PayPal Marks, not permitted above, unless expressly authorized in writing by PayPal.
APPENDIX 5
SPECIAL PROVISIONS FOR ALIPAY
What is Alipay
Alipay is a payment processing platform offering a variety of services to Chinese National consumers. Alipay offers consumers the ability to make payments using prepaid funds stored in a digital wallet account established between Alipay and the Alipay consumer.
Alipay Services
We will process payment transactions you submit under this Agreement that are initiated by consumers presenting their Alipay-branded electronic payment credentials as issued by the Alipay Payment Organization at your locations that accept Alipay.
State Restrictions
If you elect to accept Alipay services Processor may provide them to you in the States where legally permitted.
Alipay Funding Schedule
Alipay transactions are settled and funded in China Standard Time.
Alipay recognizes certain days as Chinese National holidays which can cause funding delays. The holidays can be as long as 5 consecutive days. Authorizations are not impacted during these holidays.
Refunds and Transaction Adjustments
Alipay consumers have 90 days from the transaction date to request a refund. After 90 days, all refund requests will be declined. Merchants will receive notification and will have the authority to determine if they wish to process the refund or reject the request (in accordance with your stated policy(ies) and any applicable laws).
- PAYMENT SERVICES GENERAL TERMS
In addition to the preceding Your Payment Acceptance Guide procedures in Section A (“Your Payments Acceptance Guide Procedures”), our Agreement with you includes the following Payment Services general terms (the “General Terms”) in Section B. If you fail to follow any of the provisions of the Your Payments Acceptance Guide Procedures or General Terms, you may incur certain liabilities and we may terminate our Agreement.
- Payment Services
The Payment Services are intended to be used for business purposes and not for personal, family, or household use. The Payment Services allow you to accept payment from your customers using credit and debit cards validly issued by members of Visa, MasterCard, Discover Network, and American Express (collectively “Card Brands”). As the provider of the Payment Services, we have certain obligations under the Card Brand regulations.
Subject to Network Rules, Payment Services may be performed by us, our Affiliates, our agents, or other third parties we may designate from time to time in connection with this Agreement.
In addition, by using the Payment Services, you authorize us to recover funds from you in accordance with these General Terms, the Terms of Use and any other agreement you have with us (“Recovery Authorizations.”). Recovery Authorizations include your authorization of Banktech to debit, charge, setoff against and otherwise recover funds from any connected Banktech Account, any balance, any Reserve (as defined in the Sub-Merchant Processing Agreement), any payment instrument, linked bank, depository and other account registered in your Banktech Account.
Further, in the event that any attempt to recover funds from you should fail, Recovery Authorizations include your grant to Banktech of new, original authorizations to recover all or less than all of the amount you owe us and/or belong to us. Recovery Authorizations include all authorizations to take the above steps without prior notice to you and irrespective of (i) whether we have made demand under these Agreement (as defined in the Sub-Merchant Processing Agreement) or any other agreement you have with us; and (ii) whether the obligation is contingent, matured or unmatured. Recovery Authorizations include all authorizations to take the above steps in complete compliance with the Network Rules and the National Automated Clearing House Association -The Electronic Payments Association Operating Rules and Guidelines (“NACHA Rules”). You agree that your grant of Recovery Authorizations to us has the same legal effect as if you had signed a paper containing the same terms.
- Banktech Account
You must open an account with us (“Banktech Account” or “Account”) to use the Payment Services. The proceeds from your Card transactions processed using the Payment Services go into your Banktech Account. Provider and Bank require certain information to open a Banktech Account. You must provide accurate and complete information and keep the information up-to-date. We rely on this information for underwriting and to meet our obligations under applicable federal and state laws and other regulatory requirements. You must only use the Payment Services for the business purpose described by you in applying for a Banktech Account. On an ongoing basis, you will provide us with the current address of each of your offices, all “doing business as” (DBA) names used by you, and a complete description of goods sold and services provided by you. If the scope or nature of your business or the type of products or services you offer changes, you must notify us prior to the change. You are liable to us for all losses and expenses incurred by us arising out of your failure to report changes to us.
- Required Information, Verification
Bank and the Card Brands require us to verify your identity, credit, business operations, and compliance with the obligations under this Agreement. In order to open and maintain a Banktech Account, you must provide us sufficient information and documentation as requested by us, including information to verify your identity, financial statements, and customer information. You authorize us to make, from time to time, any business and personal credit inquiries, identity-verification inquiries, and other inquiries considered necessary to review the acceptance and continuation of this Agreement. You also authorize any person or credit reporting agency to compile information to answer those inquires and to furnish that information to us. We reserve the right to decline your application for any reason. We are required to report certain information to our Bank or Card Brands, including the names of any principles and country of domicile.
- Compliance with Laws and Rules
You must comply with all rules and operating regulations issued from time to time by the Card Brands; any policies, procedures, and instructions provided by us; and the Payment Card Industry Data Security Standards (“PCI DSS”) and the Payment Application Data Security Standard (“PA-DSS”) (collectively, “Rules“). The Rules are incorporated into this Agreement by reference as if they were fully set forth in this Agreement. An abridged version of the Visa and MasterCard Rules may be viewed at usa.visa.com and www.mastercardmerchant.com. An abridged version of the American Express Rules (the American Express Merchant Operating Guide – US) may be viewed at www.americanexpress.com/merchantopguide. You further agree to comply with all applicable federal, state, and local laws, rules, and regulations (“Laws“), as amended from time to time affecting acceptance of Cards, processing of Card transactions, and the transactions contemplated by this Agreement. You agree to the terms of the Privacy Policy, E-Sign Consent, Terms of Use, and other policies as applicable based on the services you use (“Policies“). The Policies are incorporated into this Agreement by reference as if they were fully set forth in this Agreement. You will assist us in complying in a complete and timely manner with all Laws and Rules, now or hereafter applicable to any Card transaction or this Agreement. You will execute and deliver to us all such instruments we may reasonably deem necessary. If any terms of this Agreement conflict with the Card Brand Rules, the Rules will govern.
- Hardware and Software Requirements
You are required to provide and maintain your own compatible hardware and software necessary to use the Payment Services. For access to our website via the internet, at a minimum, you must provide: (1) An Internet browser that supports 128-bit encryption, (2) a computer with Internet capable of supporting the foregoing, (3) Sufficient electronic storage capacity on your computer’s hard drive, and (4) a printer that is capable of printing from the applicant’s browser and e-mail software. It is highly recommended that you use a firewall and frequently updated anti-virus software. For use of our mobile app, you must have: (1) a compatible mobile phone on a supported carrier, (2) a wireless Internet connection or data coverage to download, install, and use the app, and (3) a compatible card reader device. Charges may apply from your Internet provider or mobile phone carrier for Internet or data usage.
- Transactions and Limits
There are no monthly processing minimums. We establish the processing limits on your Banktech Account. We will assign a maximum dollar amount per sales ticket and an aggregate maximum dollar amount of Card transactions per calendar month. You may request an increase in your Account per sales ticket limit or your monthly processing sales volume by submitting a request to us. Any increase shall be at our sole discretion, and we reserve the right to reverse and decrease any increase previously authorized. Any increase granted by us may be conditional upon and require the establishment of a Reserve as defined in the Sub-Merchant Processing Agreement.
- Transaction Processing
In order to process Card transactions, you must familiarize yourself with and adhere to the applicable Rules. All the Rules that must be adhered to in order to process Card transactions. Be familiar with Part A of this Your Payment Acceptance Guide which provides you with quick reference to some guidelines for initiating transactions and accepting payments.
- Acceptance
You will honor, without discrimination, any valid Card properly tendered by a Cardholder. “Cardholder” means a person possessing a Card and asserting to be the person in whose name the Card is issued. You may elect not to accept Visa or MasterCard branded debit cards, but you must provide Banktech with prior written notice of such election. You will identify the Cardholder when accepting payment and will request the Card expiration date and ZIP code or postal code from the Cardholder’s billing address. It is also highly recommended that you obtain the security code from each Card. You must not honor any Card if the Card has expired or if the Card number is listed on a current Electronic Warning Bulletin file. You will properly disclose to the Cardholder, at the time of the Card transaction, your name, return policy, and other limitations you may have on accepting returned merchandise. Our name will appear in conjunction with your name on Cardholders’ statements. You will not accept any payments from a Cardholder relating to previous charges for merchandise or services, and if you receive such payments, you will promptly remit them to us.
- Card Authorization
You must obtain authorization via methods acceptable to us prior to completing any Card transaction. You must follow any instructions received during the authorization process. Upon receipt of authorization, you may consummate only the transaction authorized. Where authorization is obtained, you will be deemed to warrant the true identity of the customer as the Cardholder. Transactions will be deemed invalid on Cards that are expired, whether or not an authorization has been obtained.
Authorizations are not a guarantee of acceptance or payment of a Card transaction and do not waive any provision of this Agreement or otherwise validate a fraudulent transaction or a transaction involving the use of an expired Card. We may refuse to authorize any transaction, and we are not liable to you if authorization for a transaction is not given. You will not have any claim against, or right to receive payment from, a Cardholder or any other customer in any Card transaction if we refuse to authorize the transaction for any reason.
- Records
You will deliver to the Cardholder at the time of the transaction a complete and legible receipt from the Card transaction or refund. You must retain the merchant copy of the receipt in accordance with the applicable Card Brand information security and confidentiality requirements for at least 3 years following the date of completion of the Card transaction (or such longer period as the Rules may require).
- Recurring Transactions.
For recurring transactions, you must obtain a written request from the Cardholder for such goods and services to be charged to the Cardholder’s account, the frequency of the recurring charge, and the duration of time during which such charges may be made. You must obtain such written consent before the first recurring transaction, and you must notify the Cardholder that he or she is able to discontinue consent for recurring billing charges at any time. You must retain evidence of such written consent for recurring transactions for twenty-four months (24) from the date you submit the last recurring billing charge. If this Agreement is terminated for any reason, you will, at your own cost, advise all individuals and establishments to whom you submit recurring billing charges that you no longer accept the Card for amounts owed by such establishments or by such individual. The termination of a Cardholders’ Banktech Account constitutes immediate cancellation of the Cardholder’s consent for recurring billing charges. We have no obligation to notify you of such cancellation, nor shall we have any liability to you arising from any such cancellation. You will not complete any recurring transaction after receiving a cancellation notice from the Cardholder, notice from us to not complete a recurring transaction, or a response that the Card is not to be honored.
- Future Delivery
You will not accept a Card transaction for the sale of goods or services for future delivery. If, however, you have clearly disclosed your intentions to the Cardholder and the Cardholder agrees, you may submit the following types of charges to us before you deliver the goods purchased to the Cardholder: (a) charges representing deposits on (i) custom or special orders (provided that in doing so you are in compliance with applicable law) and (ii) mail orders for items not in inventory at the time the order is placed; and (b) charges representing advance, partial, or full payment for items the Cardholder requests you to deliver at a later date. If a Cardholder disputes any of these charges, we will have the right to Full Recourse for such charge. You represent and warrant to us that you will not rely on any proceeds or credit resulting from such transactions to purchase or furnish goods or services. You will maintain sufficient capital to provide for the delivery of goods or services at the agreed upon future date, independent of any credit or proceeds resulting from Card transactions taken in connection with future delivery transactions.
- E-Commerce Transactions
You may process e-commerce transactions only if the transactions have been encrypted by a third party vendor acceptable to us. You are liable for all chargebacks and losses related to e-commerce transactions, whether or not encrypted. Encryption is not a guarantee of payment and will not waive any provision of this Agreement or otherwise validate a fraudulent transaction.
For goods to be shipped on e-commerce transactions, you may obtain authorization up to seven calendar days prior to the shipment date. You need not obtain a second authorization if the Card transaction amount is within 15% of the authorized amount, provided that the additional amount represents shipping costs. Your website must contain all of the following information: (i) complete description of the goods or services offered, (ii) return and refund policies, (iii) customer service contact, including email address or telephone number, (iv) transaction currency (such as U.S. or Canadian dollars) (v) any export or legal restrictions, if known, and (vi) delivery policy.
- Prohibited Practices
You may not split transactions into multiple Card transactions except where: (a) partial payment is entered on the transaction record and the balance of the transaction amount is paid in cash or by check at the time of transaction; or, (b) the amount represents an advance deposit in a Card transaction completed in accordance with this Agreement and the Rules. You will not use the Payment Services to accept amounts representing the refinancing of an existing uncollectible obligation, debt, or dishonored check of a Cardholder. You may not process transactions for, receive payments on behalf of, or (unless required by Law) redirect payments to a third party. You agree that we may, within our sole discretion, suspend the Payment Services for a reasonable period of time required to investigate suspicious or unusual activity. Banktech shall have no liability for any losses you may attribute to any suspension of funds disbursement. We do not allow the Payment Services to be used for high risk transactions or transactions for illegal activities. Without limiting the foregoing, you agree to reimburse us for any and all costs, expenses, and fines levied on us by the Card Brands, our sponsor banks, payment processors, or service providers as a result of your use of the Payment Services or your Banktech Account in violation of this Agreement. We may reverse Card transactions we deem to violate this Agreement, the Laws, Rules, or Policies, and you agree to reimburse us for any such reversal. You agree that we are entitled to invoke the security interest we have, as set forth in this Agreement and all other rights we have in order to collect the fines levied against you, or other losses incurred by us, as set forth in this Agreement.
- Fraudulent Transactions
You will not present for processing or credit, directly or indirectly, any transaction not originated as a result of a Card transaction directly between you and a Cardholder or any transaction you know or should know to be fraudulent or not authorized by the Cardholder. We will refer perpetrators of fraudulent transactions, in our discretion, to the appropriate law enforcement agency.
- Banktech Merchant Services Agreement
We may require that you enter into a Merchant Services Agreement if certain Card processing volume thresholds are met by your use of the Payment Services. We will notify you if this occurs. Your continued use of the Payment Services after we notify you will constitute your agreement to the Merchant Services Agreement.
- Deposit of Funds
This Agreement is a contract of financial accommodation within the meaning of the Bankruptcy Code, 11 U.S.C. § 365, as amended from time to time. Our sponsor banks will deposit to the non-interest bearing pooled account titled in the name of our sponsor bank for the benefit of all Banktech Accountholders (“Member Operating Account”) all amounts of Card transactions complying with the terms of this Agreement and the Rules. The Member Operating Account is maintained by our sponsor banks for the clearing and settlement of transactions of all Banktech Accountholders, including those to your Banktech Account. A statement of the balance of your funds in the Member Operating Account and in your Banktech Account is provided by us to you on periodic statements that can be accessed by you online on our website. All amounts owing under this Agreement will remain in the Member Operating Account until: (i) the funds are released by you at your discretion; (ii) you inform our sponsor bank in accordance with our instructions, to release the funds to the Checking Account (defined below) designated by you in accordance with the Electronic Funds Transfer Agreement, which is incorporated herein by reference; or (iii) you use our prepaid debit card for the purchase of goods and services from an authorized merchant in accordance with the Cardholder Agreement, which is incorporated herein by reference. You acknowledge that all credits provided to you are provisional and subject to chargebacks and adjustments in accordance with this Agreement and the Rules, whether or not a transaction is charged back by the Card issuer. We may revoke or reverse at any time any credit given to you in the following circumstances: (i) the Card transaction was not made in compliance with all terms and conditions of this Agreement and the Laws, Rules, and Policies; (ii) the Cardholder disputes liability to us for any reason, including but not limited to those chargeback rights enumerated in the Rules; (iii) the Card transaction was not directly between you and the Cardholder; or (iv) a deposit to your Banktech Account was made erroneously. If revoking or reversing a credit deposited to your Banktech Account results in a negative balance in your Banktech Account, we may immediately debit your Checking Account as authorized under section 38. If you have chosen to activate our prepaid debit card to access the funds in your Banktech Account, you irrevocably authorize the transfer of funds from your Banktech Account to the issuing bank card account for purchases or ATM withdrawals you make using the prepaid debit card and any reserve amount which may be required by said issuing bank. You acknowledge that your obligation to us for all amounts owed under this Agreement arise out of the same transaction as our sponsor banks’ obligation to place funds in the Member Operating Account with respect to transactions processed pursuant to the terms of this Agreement for your Banktech Account. All Card transaction proceeds and deposits are subject to audit and final verification by us, and may be adjusted for inaccuracies. The funds in the Member Operating Account may be eligible for FDIC pass-through insurance up to the maximum amount as set forth in FDIC regulations, as amended from time to time.
- Checking Account
The transfer of funds by you into and out of your Banktech Account is governed by the terms and conditions of the Banktech Electronic Funds Transfer Agreement. You hereby agree to the terms and conditions of the Banktech Electronic Funds Transfer Agreement as amended from time to time, and which is incorporated into this Agreement by reference as if fully set forth herein.
You may establish and maintain a checking account (“Checking Account”) at the financial institution of your choice to facilitate payment for Card transactions and the transfer of amounts due you from your Banktech Account in accordance with the Banktech Electronic Funds Transfer Agreement. You irrevocably authorize our sponsor banks and us to immediately debit the Checking Account associated with your Banktech Account for the transfer of your funds as established pursuant to the Electronic Funds Transfer Agreement for any and all fraudulent transactions, any negative balance in your Banktech Account, and for fees, other penalties, or any amounts you owe us or our sponsor banks under this Agreement, unless other terms have been agreed upon between us and your Affiliated Company. You agree that our sponsor bank and we shall not incur any liability for any loss, costs, or fees incurred by you that are the result of such debits by us.
- Disputes, Inquiries, and Chargebacks
We are responsible for handling disputes between you and any Cardholder, inquiries from a Card Brand, credits, and customer service relating to any Card transaction. Customers sometimes dispute transactions, which may lead to Card transactions being reversed, otherwise known as “chargebacks.” You will pay us on demand for the amount of all chargebacks. You accept responsibility for all chargebacks and will be liable to us for the total amount of any sale for which the Cardholder disputes the validity of the sale. You authorize us to offset from incoming transactions and to debit the Member Operating Account, your Banktech Account, and/or the Reserve Account to recover any chargeback. You will fully cooperate with us in complying with the Rules regarding chargebacks. We may suspend the Payment Services and stop releasing funds represented by Card transactions to you until you reimburse us for all unpaid chargebacks. Furthermore, if you are an independent sales consultant you authorize us to report any chargeback not reimbursed by you within 30 days (“Unpaid Chargeback”) to your affiliated company, as applicable. You must not reenter or reprocess any Card transaction that has been charged back. Instead you must allow the chargeback process to proceed to its conclusion as described in each Card Brand’s Rules. If you disagree with a chargeback, the Rules allow you to request a chargeback reversal. A reversal request must be made within the applicable Card Brand’s timeline in its Rules. You will also promptly provide us with any information we request in response to an inquiry from an Card Brand. A Card Brand will make an inquiry when it needs information about a disputed transaction. In order to be able to respond to an inquiry, you need to maintain records and follow business practices that are in accordance with the Rules. Excessive Activity will be a breach of this Agreement. “Excessive Activity” shall mean: chargebacks in excess of .50% of the transaction ratio of your Card transactions; or, chargebacks in excess of .50% of the transaction ratio of the dollar amount of your Card transactions; or, returns in excess of 3% of the transaction ratio of your Card transactions; or, denied transactions in excess of 5% of the transaction ratio of your Card transactions. You authorize, upon the occurrence of Excessive Activity, us to take additional action it deems necessary, including, but not limited to, suspension of processing privileges or creation or maintenance of a Reserve Account in accordance with this Agreement.
- Customer Contact
You authorize us to contact your customers or their bank if we determine that such contact is necessary to find out information about any payment transaction between you and the customer. Also, you will provide to us upon our request, contact information for your customers as deemed necessary and reasonable by us.
- Refund Credits
You will issue a credit memorandum, instead of making a cash advance, a disbursement, or a refund on any Card transaction. Our sponsor bank will debit from the amounts owing you under your Banktech Account for the total face amount of each credit memorandum submitted. You will not submit a credit relating to any Card transaction not originally submitted to us, nor will you submit a credit that exceeds the amount of the original Card transaction. You will, within the time period specified by applicable law, provide us with a credit memorandum or credit statement for every return of goods or forgiveness of debt for services that were the subject of a Card transaction.
- Use of Trademarks
Your use of Card Brand marks will fully comply with the Rules. Your use of our marks must comply with our policies and instructions. Your right to use our marks and the Card Brand marks will cease upon termination of this Agreement. The Card Brands are the sole and exclusive owners of their marks. We are the sole and exclusive owner of our marks. You agree to not to contest the ownership of the marks for any reason. We may require changes to your website or otherwise that we deem necessary or appropriate to ensure that you remain in compliance with the Rules governing the use of our and the Card Brand trademarks. We may at any time, immediately and without advance notice, prohibit the use any of the trademarks for any reason.
- Third Party Service Providers
You may be using special services or software provided by a third party to assist you in processing transactions, including authorizations and settlements, or accounting functions. You are responsible for ensuring compliance with the requirements of any third party in using their products. We are not responsible for any transaction until the point in time we receive data about the transaction. We have relationships with the Card Brands to provide the Payment Services. The Card Brands have the right to enforce any provision of the Card Brand Rules and to prohibit you and us from engaging in any conduct that the Card Brands deem could injure or could create a risk of injury to the Card Brands, including injury to reputation, or that could adversely affect the integrity of the interchange system, the Card Brands’ Confidential Information as defined in the Rules, or both. You will not take any action that could interfere with or prevent the exercise of this right by the Card Brands.
- Our Set-off Rights; Security Interest
In addition to the Reserve section of the Sub-Merchant Processing Agreement, you grant us a security interest in, as well as a right of setoff against, and assign, convey, deliver, pledge and transfer to us, as security for repayment of any obligations due under these Payment Services General Terms and any other agreement you have with us, all of your right, title, and interest in and to all of your accounts with us. You grant us Recovery Authorizations concerning funds you are obligated to repay us. You authorize us to administratively freeze or direct any third party bank holding the account to freeze all such accounts to allow us to protect our security interest, collection, charge and setoff rights as provided for in this section.
Your failure to fully pay amounts that you owe us on demand will be a breach of these terms. You are liable for any of our costs associated with collection in addition to any amounts owed, including attorneys’ fees and expenses, collection agency fees, and any applicable interest.
- Taxes
You are obligated to pay all taxes and other charges imposed by any governmental authority on the Payment Services provided under this Agreement. You understand that this does not obviate your responsibility for your tax liability incurred with the sale of goods or services regarding transaction activity associated with your Banktech Account.
- Confidentiality
You will not sell Card account information, and you will not disclose to any third party Cardholders’ account information or other personal information, except to an agent of yours assisting in completing a Card transaction, or as required by law. You will not use for your own purposes, will not disclose to any third party, and will retain in strictest confidence all information and data belonging to or relating to our business (including without limitation the terms of this Agreement), and will safeguard such information and data by using the same degree of care, but no less than a reasonable amount of care, that you use to protect your own confidential information. You authorize us to disclose your name and address to any third party who requests or otherwise has a reason to know such information, and any information we have to law enforcement or as required by the legal process.
- Term and Termination
This Agreement will become effective on the date accepted by you (“Effective Date”) and will remain in effect for the length of the Initial Term selected by you at the time of sign-up (“Initial Term”) and is renewable for successive terms the same length as the Initial Term (“Renewal Term”), unless terminated earlier according to this Agreement. You may terminate this Agreement by providing notice of intent not to renew at least 30 days prior to the expiration of the then current term. Additionally, we may terminate this Agreement at any time, with or without cause, and without prior notice. Our rights of termination under this Agreement are cumulative. Any provisions of this Agreement that protect our interests and any provisions which by their nature are intended to survive termination of this Agreement shall survive termination of this Agreement.
- Action Upon Termination and Unclaimed Property
We are required to report your name to the Card Brands when your Banktech Account is terminated due to the reasons listed in the Rules issued by the applicable Card Brand. You waive and hold us harmless for all claims and liabilities you may raise as a result of such reporting. Upon the expiration of the applicable time period regarding account inactivity as mandated by state law, your Banktech Account will be formally terminated. Thirty (30) days after the termination of your Banktech Account, funds due to you from your Banktech Account, or otherwise in the possession of us and attributable to you, shall be remitted to any state or other governmental body as a result of any unclaimed property or similar laws, subject to a processing fee, or to us if allowed.
- Account Inactivity
Failure to present any transaction for clearing and settlement or failure to add funds or access funds in your Banktech Account by means of a prepaid debit or stored value card, as applicable, or by means of an electronic transfer as defined in the Electronic Funds Transfer Agreement, for the (1) the applicable time period as mandated or allowed by state law, or (2) twenty-four months, whichever is less, may result in your Banktech Account being terminated.
- IRS Reporting
To comply with IRS 1099-K reporting requirements, we may be required to file a form 1099-K with the U.S. Internal Revenue Service (IRS). We may collect 28% federal backup withholding upon transaction settlement, on behalf of the IRS, from you if you do not supply your legal name, SSN or EIN, or if you fail to respond to a request from us to verify the same. All withholdings will be remitted to the IRS as required by law. To avoid potential backup withholdings, you should notify us any time there is a change to your SSN, EIN, legal name, or business address, and ensure you respond to any request for verification and record update from us.
- Rights and Remedies Cumulative
The rights conferred upon us, our sponsor banks, and the Card Brands in this Agreement are not intended to be exclusive of each other or of any other rights and remedies we have under this Agreement, at law, or in equity. Rather, each and every right we have at law or in equity will be cumulative and concurrent and in addition to every other right.
- Entire Agreement
This Agreement, including, Policies, the completed application, the Rules, and any amendment or supplement to this Agreement or other referenced agreements, all of which are incorporated into this Agreement, constitutes the entire agreement between the parties, and all prior or other agreements or representations, written or oral, are superseded by this Agreement.
- Governing Law, Jurisdiction, Waiver Of Jury Trial
This Agreement will be governed by and construed in accordance with the laws of the State of Texas, except where Federal law is applicable. YOU AGREE THAT ALL PERFORMANCES AND TRANSACTIONS UNDER THIS AGREEMENT WILL BE DEEMED TO HAVE OCCURRED IN TEXAS AND THAT YOUR ENTRY INTO AND PERFORMANCE OF THIS AGREEMENT WILL BE DEEMED TO BE THE TRANSACTION OF BUSINESS WITHIN THE STATE OF TEXAS. YOU AND WE CONSENT TO AND AGREE THAT, THE EXCLUSIVE JURISDICTION AND VENUE FOR ANY DISPUTES HEREUNDER SHALL BE AN APPROPRIATE FEDERAL OR STATE COURT LOCATED IN DALLAS, TEXAS. YOU AND WE WAIVE ANY RIGHT TO TRIAL BY JURY IN ANY ACTION CONCERNING ANY RIGHTS OR DISPUTES UNDER THIS AGREEMENT.
- Construction
The headings used in this Agreement are inserted for convenience only and will not affect the interpretation of any provision. The language used will be deemed to be the language chosen by the parties to express their mutual intent, and no rule of strict construction will be applied against any party.
- Assignability
This Agreement may be assigned by us, but may not be assigned by you directly or by operation of law, without the prior written consent of us. Any purported assignment without our consent is void. If you sell your business, and the new owners incur chargebacks, the original owner and all original guarantors will be held personally liable for all chargebacks and any other liabilities of the new owners.
- Bankruptcy
You will immediately notify us of any bankruptcy, receivership, insolvency or similar action or proceeding initiated by or against you. You will include us on the list and matrix of creditors as filed with the Bankruptcy Court, whether or not a claim may exist at the time of filing, and failure to do so will be cause for immediate termination or any other action available to us under applicable Rules or Law. You acknowledge that this Agreement constitutes an executory contract to make a loan or extend other debt financing or financial accommodations to or for the benefit of you, and, as such, cannot be assumed or assigned in the event of your bankruptcy.
- Amendments
This Agreement and the Policies referenced and incorporated in this Agreement may be amended, modified, or revised at any time without notice. While we may notify you as the Agreement or Policies are modified, it is your sole responsibility to review and maintain familiarity with the Agreement and Policies, including any changes that may be made to these documents, respectively, from time to time thereto, and you are bound by any changes. The amendments to this Agreement and/or Policies referenced herein will become effective and binding upon you immediately and contemporaneously as the amendments are published to our website (www.banktechpr.com/sub-merchant_processing_agreement). In the event you do not agree to the aforementioned amendments and do not wish to be bound the terms and conditions thereto, you shall provide written notice to us (including by e-mailing [email protected] and providing your account number and a statement that you do not agree to the terms. If you do not agree to the terms of the amendment, your account will be terminated and closed. Notwithstanding the foregoing, changes to fees authorized by this Agreement will be effective upon the giving of notice to you and any fee increase, change in Rules, or other requirement imposed by Card Brands may be passed on to you and will be effective upon the giving of notice to you.
- Agency Relationship
You authorize us with respect to the Payment Services to act as your agent for the limited purposes of holding, receiving, and disbursing funds on your behalf. Your authorization permits us to generate an electronic funds transfer to process each payment transaction. This authorization will continue until your Banktech account is closed or terminated. You agree that our receipt of transaction proceeds satisfies your customers’ obligations to you. We will remit to you funds actually received by us on your behalf, less amounts owed to us, subject to any chargebacks or reserve withheld or applied as per this agreement.
- Force Majeure
No party will be liable to the other party for any failure or delay in its performance of this Agreement if such failure or delay arises out of causes beyond the control and without the fault or negligence of such party.
- Arbitration
By using our Payment Services, you unconditionally consent and agree that: (1) any Dispute (whether in contract, tort, or otherwise) you may have against Banktech and each of their respective members, officers, directors and employees (all such individuals and entities collectively referred to herein as the “Banktech Entities”) arising out of, relating to, or connected in any way with the Payment Services or the determination of the scope or applicability of this agreement to arbitrate, will be resolved exclusively by final and binding arbitration administered by JAMS and conducted before a sole arbitrator in accordance with the rules of JAMS; (2) this arbitration agreement is made pursuant to a transaction involving interstate commerce, and shall be governed by the Federal Arbitration Act (“FAA”), 9 U.S.C. §§ 1-16; (3) the arbitration shall be held in Dallas, Texas; (4) the arbitrator’s decision shall be controlled by the terms and conditions of this Notice and any of the other agreements referenced herein that the applicable user may have entered into in connection with the Payment Services; (5) the arbitrator shall apply Texas law consistent with the FAA and applicable statutes of limitations, and shall honor claims of privilege recognized at law; (6) THERE SHALL BE NO AUTHORITY FOR ANY CLAIMS TO BE ARBITRATED ON A CLASS OR REPRESENTATIVE BASIS, ARBITRATION CAN DECIDE ONLY YOUR AND/OR THE APPLICABLE BANKTECH ENTITY’S INDIVIDUAL CLAIMS; THE ARBITRATOR MAY NOT CONSOLIDATE OR JOIN THE CLAIMS OF OTHER PERSONS OR PARTIES WHO MAY BE SIMILARLY SITUATED; (7) the arbitrator shall not have the power to award punitive damages against you or any Banktech Entity; (8) in the event that the administrative fees and deposits that must be paid to initiate arbitration against any Banktech Entity exceed $125 USD, and you are unable (or not required under the rules of JAMS) to pay any fees and deposits that exceed this amount, Banktech agrees to pay them and/or forward them on your behalf, subject to ultimate allocation by the arbitrator. In addition, if you are able to demonstrate that the costs of arbitration will be prohibitive as compared to the costs of litigation, Banktech will pay as much of your filing and hearing fees in connection with the arbitration as the arbitrator deems necessary to prevent the arbitration from being cost-prohibitive; and (9) with the exception of subpart (6) above, if any part of this arbitration provision is deemed to be invalid, unenforceable or illegal, or otherwise conflicts with the rules of JAMS, then the balance of this arbitration provision shall remain in effect and shall be construed in accordance with its terms as if the invalid, unenforceable, illegal or conflicting provision were not contained herein. If, however, subpart (6) is found to be invalid, unenforceable or illegal, then the entirety of this Arbitration Provision shall be null and void, and neither you nor Banktech shall be entitled to arbitrate their dispute. For more information on JAMS and/or the rules of JAMS, visit their website at www.jamsadr.com.
- Processing ACH (If Approved By Banktech)
If approved by Banktech, you may accept payment via automated clearing house transactions (“ACH”) from your customers. You must comply with the National Automated Clearing House Association (“NACHA“) rules. Copies of the NACHA Operating Rules and Guidelines are available for review online at www.achrulesonline.org. You must not request an ACH transfer that violates the Rules or Laws. You agree not to initiate any ACH debits or credits to or from a savings account, or a foreign bank or the branch of a foreign bank in a U.S. territory. The term foreign bank does not include: (i) A U.S. agency or branch of a foreign bank; and (ii) An insured bank organized under the laws of a U.S. territory. To enable you to make and accept ACH payments, you authorize us to originate credit or debit records for the purpose of a funds transfer (“Entries”) into the ACH network. We will use reasonable efforts to originate Entries on your behalf in accordance with this Agreement. You must only submit Entries for bona fide transactions with your customers made in the ordinary course of business in accordance with this Agreement, the Rules, and Laws. You shall obtain and maintain appropriate authorizations in accordance with the Rules from each of your customers for each ACH transaction. All disputes between you and any of your customers relating to any ACH transaction must be resolved between you and that customer. If Banktech receives any notice of an ACH dispute or NACHA inquiry, we will forward such notice directly to you. Banktech bears no financial responsibility for any disputed transaction. You must maintain an unauthorized return rate, as described in the NACHA Regulations, below 0.5% of originating debits.
- American Express OptBlue® Program Terms and Conditions
- Amex Services. These American Express OptBlue Program Terms (Amex Terms) describe some of the requirements for your acceptance of American Express Cards under the American Express OptBlue Program (OptBlue Program). You agree that your acceptance of American Express Cards will comply with the Agreement and with the American Express Merchant Operating Guide (Amex Guide) which are the Rules for American Express Card Transactions. The Amex Guide applies only to American Express Card Transactions and the American Express OptBlue Program. Capitalized words and phrases that are used but not defined under Certain Definitions below or elsewhere in the Agreement are defined in the Amex Guide, which is available to you at americanexpress.com/merchantopguide. If these Amex Terms conflict with any other part of the Agreement with respect to American Express Card Transaction, these Amex Terms will control. The acquiring services (including Authorization, processing, and settlement) that you receive for your American Express Card Transactions (Amex Services) are provided by Payment Facilitator through a separate agreement with a third party processor and not by Bank.
- The defined words and phrases below apply only to these Amex Terms and American Express Card Transactions. Any terms not defined here or in the Amex Guide will have the meaning given to them in the Agreement.
American Express Card or Card means (a) any card, account access device, or payment device or service bearing American Express or American Express Affiliates’ Marks and issued by an Issuer, or (b) a Card number issued by an Issuer which can be used to purchase goods or services from you.
American Express means American Express Travel Related Services Company, Inc., a New York corporation.
American Express Brand means the Marks of American Express and its affiliates.
Amex Transaction Data means all information required by American Express evidencing one or more transactions, including information obtained at the point of sale, information obtained or generated during authorization and submission, and any Chargeback.
Applicable Law means (a) any law, statute, regulation, ordinance, or subordinate legislation in force from time to time to which you or Processor is subject, (b) the common law as applicable to them from time to time, (c) any court order, judgment, or decree that is binding on them, and (d) any directive, policy, rule, or order that is binding on them and that is made or given by a regulator or other government agency of the United States (or any of its territories) or any other federal, commonwealth, state, provincial, or local jurisdiction. References to “Law” elsewhere in the Agreement include this definition but only for purposes of the Amex Services and American Express Card Transactions.
Card Member means an individual or Entity (a) that has entered into an agreement establishing a Card account with an Issuer, or (b) whose name appears on the Card. References to a “cardholder” elsewhere in the Agreement include this definition but only for purposes of the Amex Services and American Express Card Transactions.
Charge means a payment or purchase made on the Card.
Establishments means any or all of your (or your Affiliates’) locations, outlets, websites, online networks, and all other methods for selling goods and services, including methods that you adopt in the future. References to “locations” elsewhere in the Agreement include this definition but only for purposes of the Amex Services and American Express Card Transactions. Transaction means a Charge or Credit completed by the means of a Card.
- Amex Services: Qualification Criteria and Merchant Operating Guide.
- If you meet the criteria below and elect to accept American Express Transactions, we will provide Amex Services to you under the terms and settlement time frames provided in your Agreement.
- To qualify for the Amex Services, you must meet the following criteria: (a) your Total Annual American Express volume is less than $1,000,000; (b) your business is not of a merchant category type prohibited by American Express; and (c) you are not a franchisee of any franchise excluded by American Express from eligibility for the OptBlue Program.
- After initial qualification, you must continue to meet American Express’s criteria for the OptBlue Program. Currently, these criteria (each, a Continuing Qualification Threshold) are: (a) the total volume of American Express Card Transactions in any rolling 12 month period for all your Establishments is not more than $1,000,000, and (b) the total monthly volume of American Express Card Transactions for all your Establishments for any 3 consecutive months does not exceed $100,000 per month.
- If you fail to meet the Continuing Qualification Thresholds, we may notify you of your conversion to a direct American Express Card acceptance relationship with American Express. In this event, you agree that once this conversion occurs (a) you will be bound by American Express’s then-current Card Acceptance Agreement with respect to American Express Transactions, (b) American Express will set pricing and other fees payable by you for American Express Card acceptance, and (c) you will no longer be able to participate in the OptBlue Program through us. However, we may continue to provide authorization and processing services, but not settlement services, to you for your American Express Card Transactions
- Fees for Amex Services. See your pricing page on online account access.
- American Express Transaction Data. The Amex Transaction Data you are required to collect in connection with a Transaction must be provided directly to you by the American Express Card Member. You must not accept Amex Transaction Data from, nor are you permitted to provide Amex Transaction Data to, any third parties other than your covered parties (as defined in the Data Security Operating Policy). If you fail to comply with this requirement, in addition to other rights and remedies regarding “monitoring,” you may be charged a fee as indicated in the American Express Program Pricing Guide, and we may suspend Card acceptance privileges at your Establishments or terminate the Agreement. For Card Member Transactions involving payment or “e-wallet” accounts (which Card Member created by providing their information when the account was established), the necessary Amex Transaction Data has already been provided directly by the Card Member, and you are not required to have the Card Member re-enter the Amex Transaction Data.
- Disclosure and Use of Data Collected Under Agreement. We may disclose to American Express all data and information you provide that we collect as part of performing any Amex Service or any other Service related to your American Express Card Transactions (Collected Data). American Express may use and share Collected Data (a) to screen and/or monitor you in connection with Card marketing and administrative purposes, (b) to perform its responsibilities in connection with your acceptance of American Express Cards, (c) to promote the American Express Network, (d) to perform analytics and create reports, and (e) for any other business purpose, including marketing, as permitted by Applicable Law. American Express uses reasonable administrative, technical, and physical security measures to protect your information, consistent with the sensitivity of the information.
- Consent for American Express to Contact You by Phone, e-Mail, Text, or Fax. American Express may use the information you provide (or that you update from time to time) to call you or send you communications or materials via email, text, fax, or other electronic means about American Express services and resources available to you. You consent to receive auto-dialed, automated, or pre-recorded calls or communications (including text messages) at the telephone number(s) you have provided. If you provide a fax number, you consent to receive fax communications from American Express. You acknowledge that by giving these consents, the calls made to you or the communications sent to you by American Express may be subject to charges or fees by your telecommunications or other applicable service First Data, and you agree that any charges or fees are your responsibility to pay. You also acknowledge that these consents are not a condition of receiving Amex Services.
- Opt-Out. You may opt out of receiving marketing-related communications and materials from American Express by providing notice to Provider as set forth in Section 18 of the Agreement in the Agreement. If you have opted out, you may still receive messages or communications from American Express related to important information about the Amex Services or other American Express products, services, and resources available to you.
- No Assignment of Payments. You agree not to assign to any third party any payments due to you under the Agreement as the result of American Express Card Transactions, and all indebtedness arising from Charges will be for bona fide sales of goods and/or services at your Establishments free of liens, claims, and encumbrances (other than ordinary sales taxes). You may, however, sell and assign future Transaction receivables to Processor or to any other funding source that partner with Processor.
- Third Party Beneficiary Rights. American Express is a direct and intended third party beneficiary of the Agreement (including these Amex Terms) and may enforce any terms of the Agreement that apply to American Express, including American Express Card acceptance and transaction processing, directly against you.
- Your Right to Opt Out of American Express Card Acceptance. You may opt out of accepting American Express Cards at any time without affecting your right to accept any other payment type Processor supports.
- Collections from American Express Card Members. You may not bill or collect from any American Express Card Member for any purchase or payment on the American Express Card unless Chargeback has been exercised, you have fully paid for the Charge, and you otherwise have the right to do so.
- American Express Excessive Disputes. You may be subject to various fees and assessments as set forth in the Schedule of Fees or in the American Express Program Pricing Guide, including fees for excessive disputes. Some fees and assessments are for special products or services, while others may be applied based upon non-compliance with American Express policies and procedures. Many non-compliance fees and assessments can be avoided by correcting the actions that are causing the non-compliance.
- American Express Right to Modify or Terminate Agreement. American Express has the right to modify the Network Rules with respect to American Express Card Transactions or to terminate your acceptance of American Express Card Transactions and to require us or the Provider to investigate your activities with respect to American Express Card Transactions. Upon termination for any reason, you must immediately remove American Express licensed marks from your website and wherever else they are displayed upon termination or upon your termination from the Amex Services.
- Special Provisions Regarding Payeezy™ Gateway Services
If you elect to utilize the Payeezy Gateway Services, the following additional terms and conditions of this Section 63 shall apply.
The Payeezy Gateway Services are provided to you by Processor and not Bank. Bank is not a party to this Agreement insofar as it applies to the Payeezy Gateway Services, and Bank is not liable to you in any way with respect to such services. For the purposes of this Section 63, the words “we,” “our” and “us” refer only to the Processor and not the Bank.
The Payeezy Gateway Services provided, and other matters contemplated under this Section 63 are subject to the rest of this Agreement, as applicable, except to the extent the terms of this Section 63 directly conflict with another provision of this Agreement, in which case the terms of this Section 63 will control.
- Capitalized terms used in this Section 63 shall have the meaning given as defined in this Section or as defined in the Glossary or elsewhere in this Agreement.
Claim means any arbitration award, assessment, charge, citation, claim, damage, demand, directive, expense, fine, interest, joint or several liability, lawsuit or other litigation, notice, infringement or misappropriation of any Intellectual Property Right or violation of any law, and any consequential, indirect, special, incidental or punitive damages and any attorney’s fees and expenses incurred in connection therewith. For purposes of the foregoing Claim definition, a Claim shall be considered to exist even though it may be conditional, contingent, indirect, potential, secondary, unaccrued, unasserted, unknown, unliquidated, or unmatured.
Confidential Information means the Payeezy Gateway Services, Documentation, operational procedures, the terms and conditions of this Section 33 (including any schedule, exhibit or addendum), pricing or other proprietary business information, and any other information provided to you by us, whether or not such information is marked as confidential; provided, however, that Confidential Information will not include information that: (a) is or becomes generally known to the public through no fault of yours; (b) was lawfully obtained by you from a third party free of any obligation of confidentiality; (c) was already in your lawful possession prior to receipt thereof, directly or indirectly, from the disclosing party; (d) is independently developed by you without the use of the Confidential Information; (e) is disclosed with our express written permission; or (f) is disclosed pursuant to a lawful court or governmental order, provided you provide us with prompt prior written notice of any proceeding that may involve such an order, and an opportunity to contest any disclosure at such proceeding.
Customer means your customer who would like to provide payment for your goods or services.
Documentation means any and all manuals and other written materials in any form provided for use with the Software, as amended by us from time to time, the terms of which are incorporated in this Section 63 as if fully set forth herein.
Intellectual Property Rights means any and all patents, copyrights, trademarks, trade secrets, service marks, and any other intellectual property rights, and any applications for any of the foregoing, in all countries in the world.
Merchant Account shall mean an account set up for a merchant that requires a card processor, bank, merchant ID, terminal ID, merchant identification number, or otherwise named unique merchant number. Multiple physical or virtual storefronts that process transactions under the same unique merchant number shall be deemed as one (1) Merchant Account.
Payeezy Gateway Services or Services means the products or services offered through the Platform including, but, not limited to payment processing services such as authorization of transactions to the appropriate payment processing network or third party service provider, transaction responses (approved, declined), and the detailed reporting of those transactions, and all related and applicable Software.
Platform means our operated, or approved, electronic payment platform(s) and /or gateway(s) (also referred to as the “Payeezy Gateway”) through which the payment Services contemplated under this Section 63 are provided.
Software means all applications, protocols, software components and other interfaces and software provided by us to you pursuant to this Section 63, and any and all Updates.
Updates means an embodiment of the Software that provides enhancements and /or improvements.
Your Systems means any web site(s) or interfaces to the Services that are operated or maintained by you or on your behalf through which transactions are submitted for processing, and all your other associated systems.
- Client shall pay Processor the fees for the Payeezy Gateway Services as set forth on the Application. A separate account with us for Payeezy Gateway Services shall be required for each separate Merchant Account held by you.
- Term; Termination. The Payeezy Gateway Services shall commence as of the effective date of this Agreement and shall remain in effect until terminated by either party as provided Either party may terminate these Services upon giving the other party at least thirty (30) days prior written notice. We may suspend or terminate your access to the Services without prior notice, with or without cause. Regardless of the reason for termination, you shall be responsible for the payment of all fees due up to and including the effective date of termination.
63.4 License Grant.
- Subject to the terms and conditions of this Agreement (including additional rights and licenses granted in the Documentation), we hereby grant you and you hereby accept a nonsublicensable, royalty free, non-exclusive, nontransferable, revocable limited license to use the Services, during the term of this Agreement, for the sole and limited purpose of submitting payment transactions to us for processing, and otherwise using our Services as set forth herein. For clarity, all references to Services in this Agreement shall include the applicable Software.
- Documentation Subject to the terms and conditions of this Agreement, we hereby grant, and you hereby accept, a nonsublicensable, royalty free, non-exclusive, non-transferable, revocable limited license to use the Documentation during the term of this Agreement for the sole and limited purpose of supporting your use of the Services. You shall strictly follow all Documentation provided to you, as it may be amended from time to time by us, in our discretion. To the extent that there is any conflict between the Documentation and the terms of Agreement, the terms of this Section 63 shall govern and control.
- Use Restrictions. You acknowledge that the Services and Documentation constitute our intellectual property, therefore, you shall not, and shall not cause or permit any third party to: (i) use the Services in any way, other than in accordance with this Agreement or the Documentation or as otherwise instructed by us in writing; (ii) use the Services or Documentation, either directly or indirectly, for benchmarking purposes or to develop any product or service that competes with the products and services provided under this Section 63; (iii) disassemble, decompile, decrypt, extract, reverse engineer or modify the Services, or otherwise apply any procedure or process to the Services in order to ascertain, derive, and/or appropriate for any reason or purpose, the source code or source listings for the Services or any algorithm, process, procedure or other information contained in the Services, except as otherwise specifically authorized in accordance with this Section 63; (iv) provide the Services or Documentation to any third party, other than to your authorized employees and contractors who are subject to a written confidentiality agreement, the terms of which are no less restrictive than the confidentiality provisions of the Agreement; (v) use, modify, adapt, reformat, copy or reproduce the Services or Documentation or any portion thereof, except as is incidental to the purposes of this Section 63, or for archival purposes (any copies made hereunder shall contain all appropriate proprietary notices); (vi) rent, lease, upload, assign, sublicense, transfer, distribute, allow access to, or time share the Services or Documentation; (vii) circumvent or attempt to circumvent any applicable security measures of the Services; (viii) attempt to access or actually access portions of the Platform or Services not authorized for your use; and/or (ix) use the Services in any unlawful manner or for any unlawful
- From time to time we may, at our discretion, release Updates or modify the Software. In the event we notify you of any such Update, you shall integrate and install such Update into Your Systems within thirty (30) days of your receipt of such notice. You acknowledge that failure to install Updates in a timely fashion may impair the functionality of the Platform or any of our Services provided hereunder. We will have no liability for your failure to properly install the most current version of the Software or any Update, and we will have no obligation to provide support or Services for any outdated versions.
- The licenses granted hereunder may be subject to other licenses currently held by us or our subcontractors. Should any license held by us to certain technology or software be terminated or suspended, the corresponding license(s) granted to you hereunder may also be terminated or suspended in our sole and absolute discretion. You acknowledge and agree to such potential termination or suspension and hereby waive any and all damages, whether actual, incidental or consequential resulting therefrom.
- Export You agree not to export or re-export the Software or any underlying information or technology except in full compliance with all applicable laws and regulations. In particular, but without limitation, none of the Software or underlying information or technology may be downloaded or otherwise exported or re-exported (i) to any country to which the United States has embargoed goods (or any national or resident thereof); (ii) to anyone on the United States Treasury Department’s list of Specially Designated Nationals or the United States Commerce Department’s Table of Deny Orders; or (iii) in any manner not in full compliance with the requirements of the United States Bureau of Industry and Security and all applicable Export Administration Regulations. If you have rightfully obtained the Software outside of the United States, you agree not to re-export the Software except as permitted by the laws and regulations of the United States and the laws and regulations of the jurisdiction in which you obtained the Software. You warrant that you are not located in, under the control of, or a national or resident of any such country or on any such list.
- Federal Acquisition If you are acquiring the Software on behalf of any part of the United States Government (the “Government”), the following provisions apply: Any use, duplication, or disclosure by the Government is subject to the restrictions set forth in subparagraphs (a) through (d) of the Commercial Computer Software- Restricted Rights clause at FAR 52.227-19 when applicable, or in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013, and in similar clauses in the NASA FAR Supplement. We are the contractor/manufacturer, with the address set forth below. Any use, modification, reproduction, release, performance, display or disclosure of the Software and/or the accompanying documentation by the Government or any of its agencies shall be governed solely by the terms of this Agreement and shall be prohibited except to the extent expressly permitted by the terms of this Section 63.
- Return/Destruction. Upon termination or expiration of this Agreement, all licenses granted hereunder shall immediately terminate, and within five (5) days thereof, you shall either return to us or destroy the Software and the Documentation, and shall so certify to us in
- No other Licenses. Except as expressly provided above, no license for any patents, copyrights, trademarks, trade secrets or any other Intellectual Property Rights, express or implied, are granted
- Use of Transaction As permitted by applicable law and regulations, we reserve the right to copy and distribute to third parties, any information associated with your use of the Services or your activities on the Platform.
63.5 Platform Matters
- Integration with Your Systems. While we provide Software to you, you acknowledge that the Software itself is insufficient to allow Your Systems to function with the Platform. Programming, development and maintenance of Your Systems and their functionality are your sole responsibility. You have the sole responsibility to select and employ any competent programming agent(s) to accomplish the programming required to make Your Systems function correctly with the Platform and the payment services contemplated hereunder (“Integration”). You shall be responsible for all technical support for Your Systems and Integration related You agree that you will use commercially reasonable efforts to complete the Integration as soon as possible. You will be responsible for all of your own development and implementation costs associated with such Integration. Notwithstanding any other provision of this Section 63, you acknowledge that unless and until you complete the Integration, no Services need be provided by us to you pursuant to this Agreement, except as otherwise specifically provided in Section 63.5.2 below. In addition, you acknowledge and agree that, even if you have completed Integration, if you have not entered into a valid merchant processing agreement with an authorized bank card processor, you cannot receive the Services through the Platform.
- Set-Up Assistance Services. Subject to Section 63.5.1 above, upon your request to us, and upon payment of any applicable Fees, we will provide you with set-up services to assist with the
- Shut Downs. We reserve the right, from time to time, without prior notice, to shut down and restart the Platform for maintenance and /or software upgrades for reasonable time periods of one minute or
- Orders by Customers. You are solely responsible for accepting, processing, and filling any orders for purchases by your Customers, and for handling any inquiries arising therefrom. You shall use the highest standards in the industry in responding to complaints by We are not responsible or liable for any unauthorized access to your data or Your Systems by any means or device.
- Suspension of Access to the Platform and Services. We may suspend your access to the Platform and Services, without prior notice, with For purposes of this Section 63 the term “cause”, in addition to cause as defined under the Agreement, shall mean that significant activity by you has been detected (which excludes a high volume of transactions) or the security or integrity of the Platform is materially compromised. We will make commercially reasonable efforts to provide prior notification to you of any such proposed suspension and provide you with a reasonable opportunity to cure, provided just you (and no other user) are affected, and provided such cure is allowed by the applicable law or the Card Organization Rules. If prior notification to you is not possible because such significant activity or security issue would materially and adversely affect other users of the Platform and Services, then we will provide notice of such suspension as promptly as possible thereafter with detailed information regarding the suspected fraudulent activity or security issue, as well as any other information that can assist you with identifying the root cause of the problem responsible for such suspension. Upon a determination by us that you are not responsible for the fraudulent activity or security issue resulting in the suspension or any security threat as abated, the Services and your license to the Software shall be promptly re-activated and the Services under this Section
63 shall recommence. Regardless of the reason for such suspension, you shall be responsible for the payment of all fees due up to and including the effective date of the suspension.
63.6 Security of Information. We will use commercially reasonable efforts to maintain the security of the Services and the Platform. You will use commercially reasonable efforts to maintain the security of Your Systems. Such steps by you will be taken at your sole cost and expense, and shall include, without limitation: (i) creating firewalls to protect against unauthorized access to Your Systems by your employees, contractors, Customers, or by any other person; and (ii) implementing reasonable protective techniques suggested by us. You further agree that you will be bound by and comply with all of our and all Card Organization security rules and regulations as they now exist or as each may be amended or supplemented from time to time. Notwithstanding the foregoing, the parties recognize that there is no guarantee or absolute security of information that is communicated over the internet.
- We have adopted online Privacy Statement(s) to inform individuals as to our online collection and use of personal information. You agree that, during the term of this Agreement, you will adequately communicate and comply with an appropriate privacy policy explaining your online collection and use of the personal information of your Customers. Unless required by law, Card Organization Rules, or done pursuant to this Agreement, you shall not, under any circumstances, sell, purchase, provide, or otherwise disclose any customer’s account information, transaction information, or other personal information to any third party. You shall store all data securely. We may advise potential users of the services that we have a relationship with you.
63.7 Audit Rights. Upon notice to you, we may audit your usage, records and security of the Services, your Customer’s payment processing information, and the services provided hereunder to ensure (i) that you are using the Services in full compliance with the provisions of this Section 63; (ii) that all applicable fees have been paid; (iii) that you are adhering to your privacy policy; and; (iv) that you are in full compliance with all applicable laws, regulations and rules (including but not limited to Card Organization Rules). Any such audit shall be conducted during regular business hours at your offices and shall not interfere unreasonably with your business.
63.8 Indemnification. You shall indemnify, defend, and hold us, our subsidiaries and affiliates and our and their officers, directors, employees, shareholders, agents and attorneys from any Claim(s) arising from the conduct of your business, any Transactions submitted through the Platform hereunder for payment processing, any false or inaccurate representation made by you or the negligence, fraud, dishonesty or willful behavior of any of your employees or agents, or from your failure to strictly comply, in whole or in part, with any: (i) terms and conditions pursuant to this Agreement and any addenda hereto or Documentation; or (ii) applicable law, regulations or rules. Upon written notice from us to you, you shall immediately undertake the defense of such Claim by representatives of your own choosing, subject to our reasonable approval.
63.9 Limitation of Liability.
- Processor is not liable for the merit and legitimacy of the orders forwarded by you. All liability for validity of orders remains with you. We are not responsible for any data entry errors, Customer misrepresentations, or reporting errors resulting from your actions. We shall not be liable to you or your Customer for the accuracy of the information provided by the Platform or our
- In no event shall we be liable to you, or to any other person or entity, under this Section 33, or otherwise, for any punitive, exemplary, special, incidental or consequential damages, including, without limitation, any loss or injury to earnings, profits or
- Notwithstanding any provision in this Agreement to the contrary, in no event shall our liability under this Section 63 for all Claims arising under, or related to, this Section 33 exceed, in the aggregate (inclusive of any and all Claims made by you against us, whether related or unrelated), the lesser of: (i) the total amount of fees paid by you for the our Services during the 12-month period immediately preceding the date the event giving rise to such Claim(s) occurred; or (ii) $50,000.00.
- Notwithstanding provisions set forth herein, we will not be liable for any Claims under this Agreement arising directly or indirectly from or otherwise concerning: (a) any termination, suspension, delay or disruption of service (including billing for a service) by the Internet, any common carrier or any third party service provider; (b) any failure, disruption or malfunction of the Services provided hereunder or the Internet, or any communications network, facility or equipment beyond our reasonable control, whether or not attributable to one or more common carriers or third party service providers; (c) any failed attempts by you or your Customers to access any Systems or to complete processing transactions; or (d) any failure to transmit, obtain or collect data from Customers or for human, machine or software errors or faulty or your or your Customer’s erroneous input. Except as expressly agreed to by us in writing with respect to any Separate Product, we are not liable for any Excluded
63.10 Disclaimer of Warranties. YOU ACKNOWLEDGE AND AGREE THAT THE USE OF THE PAYEEZY GATEWAY SERVICES AND DOCUMENTATION ARE AT YOUR SOLE RISK WE MAKE NO REPRESENTATION OR WARRANTY, EXPRESS OR IMPLIED, AND NO IMPLIED AT LAW WARRANTY SHALL ARISE FROM THIS SECTION, PAYEEZY GATEWAY SERVICES, DOCUMENTATION, OUR PROCEDURES, OTHER SERVICES PROVIDED OR PERFORMED BY US HEREUNDER, INCLUDING, WITHOUT LIMITATION: (A) ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, (B) ANY WARRANTIES OF NONINTERFERENCE OR NON-INFRINGEMENT; OR (C) ANY WARRANTIES THAT ANY PRODUCT OR SERVICE PROVIDED HEREUNDER (INCLUDING BUT NOT LIMITED TO THE SOFTWARE) WILL (1) MEET YOUR REQUIREMENTS; (2) OPERATE ACCORDING TO YOUR EXPECTATIONS; (3) PROVIDE ACCURATE DATA; OR (4) OPERATE UNINTERRUPTED OR ERROR FREE. ANY AND ALL SUCH WARRANTIES ARE EXPRESSLY DISCLAIMED BY US AND WAIVED BY YOU. WE DO NOT WARRANT THAT ANY ERRORS WILL BE CORRECTED. EXCEPT AS OTHERWISE SPECIFICALLY SET FORTH HEREIN, THE PAYEEZY GATEWAY SERVICES, (INCLUDING WITHOUT LIMITATION THE PAYEEZY GATEWAY AND SOFTWARE), DOCUMENTATION AND OTHER SERVICES PROVIDED HEREUNDER ARE PROVIDED ON AN “AS-IS, WITH ALL FAULTS” BASIS. THIS DISCLAIMER OF WARRANTIES CONSTITUTES AN ESSENTIAL PART OF THIS AGREEMENT. All decisions to reject any processing transaction or payment for your products or services are solely your responsibility.
63.11 Notices. You agree to notify us of any change in your name, type of business, or any other information required on your Merchant Processing Application at least thirty (30) business days prior to the effective date of change. Any notice or other communication required or permitted to be given hereunder shall be in writing, addressed or transmitted to the party to be notified at such party’s address or number at such party’s last known address or number, and shall be: (i) if sent by us, hand delivered or delivered by facsimile transmission, overnight courier or certified, registered, regular mail or e-mail; or (ii) if sent by you, certified or registered mail, postage prepaid return receipt requested to 6675 N.W. 120th Avenue, Coral Springs, FL 33065. Any notice delivered hereunder shall be deemed effective, as applicable, upon delivery, if hand delivered or sent by overnight courier; upon receipt as evidenced by the date of transmission indicated on the transmitted material, if by facsimile transmission or e-mail; on the date of delivery indicated on the return receipt, if mailed by certified or registered mail; or ten (10) days after mailing, if by regular mail (or as otherwise required by applicable law). The parties’ addresses may be changed by written notice to the other party as provided herein.
63.12 Subcontractors. Processor may subcontract all or part of the Services using a variety of providers globally, but, notwithstanding any such subcontract, Processor shall remain fully responsible for performance of the Services, including ensuring the compliance of subcontractors with the terms of this Agreement applicable to such subcontractors.
63.13 Survival. Upon termination or expiration of this Section 63 or the Agreement, a party’s obligations shall cease except for those remaining or required to be performed following such termination. For the avoidance of doubt, the parties agree that those provisions of this Section that logically should survive its termination or expiration in order to accomplish its fundamental purposes will do so. All representations, warranties, indemnities and covenants made herein shall survive the termination of this Section and shall remain enforceable after such termination.
- Special Provisions Regarding Clover Insights Services
Terms and Conditions
If you elect to utilize the First Data Clover InsightsSM Solution (“Clover Insights”) the terms and condition in this Section 64 shall apply (“Clover Insights Terms and Conditions”); and if you were granted a First Data Clover Insights Temporary Demonstration License, an election for Services under this Section 64 shall serve to supersede it. Clover Insights is provided to you by Processor and not Bank. Bank is not liable to you in any way with respect to Clover Insights. Clover Insights, transactions processed, and other matters contemplated under Section 64 are subject to the terms and conditions of the Agreement, as applicable, except to the extent the terms directly conflict with the Clover Insights Terms and Conditions, in which case the Clover Insights Terms and Conditions will control.
64.1 Definitions. Capitalized terms used herein shall have the meanings given to such terms as set forth in Section 64.1 or as defined elsewhere in this Section 64, or the Agreement.
“Customer” means a Person who makes a purchase of goods or services from you, the transaction detail of which is utilized in Clover Insights.
“Customer Information” means information about your Customers (e.g., name, mailing address, card account number, e-mail address, telephone number) obtained in connection with your use of the Services and may be utilized in Clover Insights.
“Data” means transaction data that may include processing data from First Data Merchant Services LLC’s credit and debit information warehouse and other available sources that First Data Merchant Services LLC owns or has a contractual or other right to use in Clover Insights.
“Device” means a tablet, computer, smartphone or other mobile device, or other device that you use to access the Clover Insights website to receive or to which you receive communications from Clover Insights.
“First Data” means First Data Corporation, which is the parent company of First Data Merchant Services LLC.
“First Data Clover Insights Marks” means the trademarks or service marks related to Clover InsightsSM and sub-licensed to you by Processor.
“First Data Clover Insights Solution” or “Clover Insights Solution” means the website or the application associated with Clover InsightsSM, the object code version of the Clover Insights software applications and communications you receive from the applications. Among other things, Clover Insights allows merchants to track and visualize information regarding their own revenue, ticket size, and Customers contained in the Data and other third party data sources. Clover Insights may also permit a merchant to compare its performance to groups of similar businesses within their industry and /or certain geographic areas using the Data and other third party data sources, subject to certain limitations. The features and functionality of Clover Insights may be modified from time to time by First Data or its third party provider(s). For the avoidance of doubt, the term “software” in this definition does not include any software that may be obtained by you separately from Clover Insights (e.g., any applications downloaded by you). The First Data Clover Insights Solution is deemed part of the “Services,” as defined in and provided under the Agreement.
“Clover Insights Solution Fees” means the fees charged for your use of the First Data Clover Insights Solution, which includes additional fees for multiple locations.
“Third Party Services” are the services, products, promotions or applications provided to you by or through someone other than Processor.
“User Documentation” means that documentation regarding the operation, guidelines and features and functionality of Clover Insights that is made available to you from time to time at the website, by internet link or otherwise. User Documentation may be modified from time to time by First Data or its third party provider(s).
64.2 License Grant. Subject to the Clover Insights Terms and Conditions in this Section 64, Processor grants you a personal, limited, non-exclusive, revocable, non-transferable sub-license, without the right to further sub-license or assign in any way, to electronically access and use, solely in the United States, Clover Insights to manage your establishment(s) and analyze associated point of sale activities within the United States. For purposes of this Section 64, “United States” does not include U.S. Territories or possessions. Clover Insights is for your internal business use only. This Section 64 does not grant you any rights to First Data Clover Insights Marks. Except for the license expressly granted herein, all intellectual property and proprietary rights in or related to Clover Insights and First Data Clover Insights Marks are and will remain the sole and exclusive
property of First Data or its affiliates, vendors, or third party provider(s) (as applicable), and any and all right, title and interest associated with Clover Insights not expressly granted in this Section 64 is deemed withheld.
64.3 Restrictions.
64.12.1 You may not, nor may you permit any third party, other than employees and agents with a business need, to do any of the following: (a) access or attempt to access Clover Insights (or any part) that is not expressly made available for public use; (b) decompile, disassemble, reverse engineer, or otherwise attempt to reconstruct or discover by any means any source code or any underlying data, ideas or algorithms of Clover Insights (or any part), except to the extent that such restriction is expressly prohibited by law; (c) modify, translate, or alter in any manner, Clover Insights (or any part), or First Data Clover Insights Marks; (d) create derivative works of or based on Clover Insights (or any part) or Clover Insights Marks; (e) except for backup and archival purposes, directly or indirectly copy Clover Insights (or any part), except screen shots may be copied and retained solely for internal business purposes; (f) republish, upload, post, transmit, disclose, or distribute (in any format) Clover Insights (or any part) except as expressly permitted herein; (g) access or use (in any format) Clover Insights (or any part) through any time-sharing service, service bureau, network, consortium, or other means; (h) rent, lease, sell, sublicense, assign, or otherwise transfer your license rights to any third party, whether by operation of law or otherwise; (i) use or ship Clover Insights (or any part) outside of the United States, or access Clover Insights (or any part) from outside the United States, without in any case obtaining our advance written consent; (j) remove, relocate, or otherwise alter any proprietary rights notices from Clover Insights (or any part), or First Data Clover Insights Marks; (k) perform or attempt to perform any actions that would interfere with the proper working of Clover Insights, prevent access to or use of Clover Insights by other users, or in our reasonable judgment impose an unreasonable or disproportionately large load on Clover Insights’ infrastructure, network capability or bandwidth; or (l) use Clover Insights (or any part) except as permitted in Section 64.2.
64.12.2 You shall not take any action inconsistent with the stated title and ownership in Section 64.2. You will not file any action in any forum that challenges the ownership of any part of Clover Insights, any related software, materials or User Documentation. Failure to comply with this provision will constitute a material breach of this Agreement and may restrict Processor’s ability to sublicense Clover Insights to you. Processor has the right to immediately terminate Services under this Section 64, and First Data has the right to immediately terminate your access to and use of Clover Insights in the event of a challenge by you.
64.4 Clover Insights Limitations and Requirements.
64.12.1 You may access Clover Insights through your Device using a wired (ethernet) or wireless (wifi or cellular) connection to the Internet. You are solely responsible for the payment of any fees that may be imposed by your Internet/data provider. Your use of Clover Insights may be subject to: (a) the terms of your agreements with your Internet / data provider; and (b) the availability or uptime of the services provided by your Internet/ data provider.
64.12.2 You may use Clover Insights to conduct analysis of the Data and third party data made available through Clover Insights application and/or other tools made available at the website or in the application.
64.12.3 First Data may alter which Devices and browsers are approved as compatible with Clover Insights in its discretion from time-to-time.
64.12.4 First Data may perform maintenance on Clover Insights from time to time which may result in service interruptions, delays, or errors. Neither First Data nor its affiliates, vendors, or third party provider(s), will be liable for any such interruptions, delays, errors, or bugs. You agree that First Data or its affiliates, vendors, or third party provider(s) may contact you in order to assist you with Clover Insights and obtain information needed to identify and fix any errors.
64.12.5 You shall at all times comply with the User Documentation.
64.12.6 You shall comply with the following requirements in connection with your use of Clover Insights:
64.4.6.1 In the event you are able to discern any information about a particular entity or individual from the information available from Clover Insights, either alone or with other information in your possession, you understand and acknowledge that the information may be subject to certain privacy, marketing, insider trading, or other applicable laws and you will limit your use thereof in accordance with all applicable laws.
64.4.6.2 With respect to each Customer who desires to receive marketing material or other communications from you via text message or email, such Customer must check the appropriate consent or the consent must be provided in writing; you are NOT permitted to add or modify a Customer’s consent indication on his behalf.
64.4.6.3 You (or your agents acting on your behalf) may only send marketing materials or other communications to the Customer’s provided phone number, street address, and/ or email address if the Customer has specifically consented in writing executed by the Customer.
64.4.6.4 NOTWITHSTANDING THE CAPABILITY OF CLOVER INSIGHTS TO COLLECT AND STORE CUSTOMER INFORMATION, SOME STATES MAY LIMIT YOUR USE OF SUCH INFORMATION ONCE COLLECTED, EVEN IF THE CUSTOMER HAS PROVIDED ITS CONSENT, AND/OR YOUR DISCLOSURE OF SUCH INFORMATION TO THIRD PARTIES. YOU ACKNOWLEDGE AND AGREE THAT (I) YOUR USE OF CUSTOMER INFORMATION OBTAINED IN CONNECTION WITH CLOVER INSIGHTS MAY BE SUBJECT TO LOCAL, STATE, AND/OR FEDERAL LAWS, RULES, AND REGULATIONS, (II) YOU ARE SOLELY RESPONSIBLE FOR KNOWING SUCH LAWS, RULES, AND REGULA TIONS, AND (III) YOU WILL AT ALL TIME STRICTLY COMPLY WITH ALL SUCH LAWS, RULES, AND REGULATIONS.
64.12.7 You shall comply fully with the requirements of all applicable federal, state and local laws and regulations related to your use of Clover Insights and provision and use of Customer Information and point of sale data in connection with Clover Insights. Furthermore, you are solely responsible for monitoring legal developments applicable to Clover Insights and the operation of your business, interpreting applicable laws and regulations, determining the requirements for compliance with all applicable laws and regulations, and maintaining an on-going compliance program.
64.12.8 In connection with Clover Insights, you shall receive a username and password to access Clover Insights. You are responsible for securely storing and keeping the username and password in accordance with this Section 64.10 below. You will not permit anyone unauthorized by you to use the username and password and you may only authorize your employees and agents with a business need to use the username and password. At such time as multiple usernames and passwords are available, you shall restrict the use of usernames and passwords to single individuals and you shall monitor use of Clover Insights to ensure compliance with this Section 64 by those to whom you have provided usernames and passwords and you shall keep records regarding who has access to which usernames and passwords at all times.
64.5 Equipment. You must obtain all equipment necessary for you to access and use the Clover Insights website. No communication channel or device to access the website is included within the provision of the First Data Clover Insights Solution, and you shall be responsible for all such equipment and communication channels, including but not limited to all device or channel compatibility.
64.6 Term and Termination. Clover Insights Terms and Conditions in this Section 64 shall become effective upon execution hereof and shall end when terminated as set forth herein. For the avoidance of doubt, except as set forth below, termination of Services under Section 36 will not terminate the underlying Agreement. You may terminate your First Data Clover Insights Solution services at any time upon thirty (30) days’ notice by calling the Customer Service number on your statement. Notwithstanding the foregoing sentence, upon as much advance notice as is commercially practicable, First Data may terminate your access to, and use of Clover Insights if (i) it is determined that you are using Clover Insights for any fraudulent, illegal, or unauthorized purpose, (ii) you violate the Clover Insights Terms and Conditions or an Event of Default occurs under the Agreement, (iii) First Data terminates its agreement with any third parties that are involved in providing Clover Insights, or (iv) First Data otherwise decides to discontinue providing Clover Insights. You acknowledge and agree that an occurrence of (i) or (ii) above may be deemed an Event of Default under the Agreement, thereby affording Processor and Bank all rights and remedies as set forth in the Agreement triggered by such an Event of Default, which may include immediate termination of the Services under Section 64 without notice.
64.7 Third Party Services. Clover Insights may be used in connection with Third Party Services that you obtain separately for your purposes (e.g., an accounting application on your Device). If you decide to use Third Party Services, you will be responsible for reviewing and understanding the terms and conditions associated with Third Party Services (including obtaining and maintaining any required third party hardware and /or software that is required for the Third Party Services to work with Clover Insights). Your access of any Third Party Services is at your own risk. Third Party Services are not governed by the terms and conditions of this Section 64 or the Agreement. ANY CONTENT DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THIRD PARTY SERVICES (E.G., ACCOUNTING APPLICATION) IS DOWNLOADED AT YOUR OWN RISK. NEITHER FIRST DATA NOR ITS AFFILIATES, VENDORS, OR THIRD PARTY PROVIDER(S), WILL BE RESPONSIBLE FOR ANY ACTIONS OR ANY FAILURES TO ACT OF ANY THIRD PARTY, AND SUCH LIABILITY RELATED TO ALL THIRD PARTY SERVICES IS EXPRESSLY DISCLAIMED.
64.8 Account Registration. First Data may require you to register at Clover Insights website or through the application. If and when prompted by the registration process, you agree to (a) provide true, accurate, current and complete information about yourself and/ or your business, and (b) maintain and update this information to keep it true, accurate, current and complete. If any information provided by you is untrue, inaccurate, not current or incomplete, First Data has the right to terminate your First Data Clover Insights account (“Account”) and refuse any and all current or future use of Clover Insights.
64.9 Privacy and Data Use. All data collected from you in connection with the Services or in connection with your use of Clover Insights, including Customer Information and information about your business and employees used with or stored in or by Clover Insights (collectively, “Account Data”), is collected by First Data, its affiliates, vendors, and/or third party provider(s) ; therefore, the use and sharing of such Account Data is controlled by the applicable Privacy Policy displayed and available at or through a link on the Clover Insights website. You acknowledge and agree that First Data, its affiliates, vendors, and/or third party provider(s) may access your Account Data, and our use of your Account Data is governed by the Clover Insights Terms and Conditions and the Agreement. You also agree that First Data, its affiliates, vendors, and/or third party provider(s) may access and use Account Data to provide or enhance Clover Insights or the Services.
64.10 Protecting Your Information. You are solely responsible for ensuring that your account numbers, passwords, security questions and answers, login details and any other security or access information used by you to use or access Clover Insights are kept safe and confidential. You must prevent unauthorized access to and use of any Account Data. You are responsible for all electronic communications sent to First Data, its affiliates, vendors, or third party provider(s) containing Account Data. When First Data receives communications containing Account Data, it will assume you sent it to First Data. You must immediately notify First Data if you become aware of any loss, theft or unauthorized use of any Account Data (see Clover Insights support center contact information below). First Data reserves the right to deny you access to Clover Insights, in whole or in part, if First Data believes that any loss, theft or unauthorized use of any Account Data or access information has occurred.
64.11 Accuracy of Information. You are solely responsible for ensuring the accuracy of all information and data regarding your business that you provide to First Data, its affiliates, vendors, and/or third party provider(s) in connection with Clover Insights (e.g., Customer Information). First Data, its affiliates, vendors, and/or third party provider(s) disclaim any and all liability arising out of any inaccuracies as a result of use of such information or data.
64.12 First Data Clover Insights Solution Disclaimer.
64.12.1 AS IS. USE OF CLOVER INSIGHTS IS AT YOUR OWN RISK. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CLOVER INSIGHTS IS PROVIDED “AS IS” AND NEITHER FIRST DATA NOR ITS AFFILIATES, VENDORS, OR THIRD PARTY PROVIDER(S) MAKES ANY REPRESENTATIONS OR WARRANTIES OF ANY KIND (EXPRESS OR IMPLIED) WITH REGARD TO CLOVER INSIGHTS, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF ACCURACY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON- INFRINGEMENT, OR THAT CLOVER INSIGHTS WILL FUNCTION UNINTERRUPTED OR ERROR-FREE, OR THAT CLOVER INSIGHTS IS SECURE, FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS OR THAT ANY DEFECTS OR ERRORS WILL BE CORRECTED.
64.12.2 Financial Advice. First Data Clover Insights Solution does not provide any business, investment or financial advice and is not advocating any business decision or the sale or purchase of any real property, stocks, bonds, or securities. First Data expressly states, and you hereby acknowledge, that Clover Insights is provided solely for informational purposes and are not to be used as a substitute for independent financial investment advice nor are they intended to be relied upon by any person or entity, including you or your Customers for the purposes of investment or other financial decisions. Clover Insights is not to be construed as providing business or investment advice and should not be used or construed, in whole or in part, as a basis or recommendation for an investment or business decision.
64.12.3 Accuracy. While First Data takes commercially reasonable measures to ensure the accuracy of the information and content contained in Clover Insights, it makes no representation or warranty of any kind with respect to Clover Insights. You acknowledge and agree that all use of Clover Insights by you and all other persons shall be: (i) based upon your own determination and evaluation and (ii) at your sole risk. At times the Data may include third party data that is appended to the Data and First Data has not investigated and does not make any representation or warranty with respect to the accuracy of the third party data.
64.13 Indemnity. Without limiting your indemnification obligations in the Agreement, you agree to indemnify and hold First Data, its affiliates, vendors, and third party provider(s) harmless from and against all losses, liabilities, damages, and expenses (including reasonable attorneys’ fees) arising out of or relating to:
64.12.1 Your failure to comply with all terms and conditions in this Section 36, including but not limited to User Documentation;
64.12.2 Your use (alone or in combination with any other information) of any Customer Information, reports, information or analytics obtained in connection with your use of Clover Insights;
64.12.3 The content or delivery of any marketing messages that you send or cause to be sent to any Customer phone number or email address collected through the use of Clover Insights; or
64.12.4 Any other party’s access and/or use of Clover Insights with your unique username, password, or other appropriate security code.
64.14 Notices. First Data, its affiliates, vendors, and /or third party provider(s) may provide notices and other information regarding Clover Insights to you via the method(s) described in the Agreement.
64.15 Amendment. First Data has the right to: (i) require changes or addition to the Clover Insights Terms and Conditions in Section 64 at any time, and (ii) change, delete, discontinue, or impose conditions on any feature or aspect of Clover Insights with notice provided to you as set forth in the Notices section of the Section 64. Any use of Clover Insights after the publication of any such changes shall constitute your acceptance of the Clover Insights Terms and Conditions as modified.
64.16 Ideas. You may choose to, or First Data, its affiliates, vendors, or third party provider(s) may invite you to, submit comments or ideas about Clover Insights, including, without limitation, about how to improve Clover Insights (“Ideas”). By submitting any Idea, you agree that: (a) First Data expressly disclaims any confidentiality obligations or use restrictions, express or implied, with respect to any Idea, (b) your submission will be non-confidential, and (c) First Data is free to use and disclose any Idea on an unrestricted basis without notifying or compensating you and without you claiming any rights therein. You release First Data, its affiliates, vendors, or third party provider(s) from all liability and obligations that may arise from the receipt, review, use or disclosure of any portion of any Idea.
64.17 Third Party Beneficiaries. First Data, its affiliates, vendors, or third party provider(s) used in providing Clover Insights are intended third party beneficiaries of this Section 64 as applicable, and each of them may enforce its provisions as if it was a party hereto. Except as expressly provided in this Section 64, nothing in this Section 64 is intended to confer upon any Persons any rights or remedies, and the parties do not intend for any Persons to be third-party beneficiaries of this Section 64.
64.18 Limitation of Liability. The cumulative liability to you from First Data, its affiliates, vendors, and third party provider(s) for any and all claims arising out of or resulting from this Section 64 shall not exceed the total for the Clover Insights Solution Fees you paid to the Processor in the twelve months immediately preceding any claim.
- Special Provisions Regarding Clover Services
If you elect to use the Clover Service, the following additional terms and conditions of this Section 65 shall apply. The Clover Service is provided to you by Processor and not Bank. The Clover Service, transactions processed, and other matters contemplated under this Section 65 are subject to the terms and conditions of the Agreement, as applicable, except to the extent the terms of this Section 65 directly conflict with another provision of the Agreement, in which case the terms of this Section 65 will control; provided however, Bank is not a party to this Agreement insofar as it applies to the Clover Service, and you acknowledge that Bank is not liable to you in any way with respect to the Clover Service. For the purposes of this Section, 65, the words “we,” “our” and “us” refer only to the Processor and not the Bank.
65.1 Definitions. Capitalized terms used herein shall have the meanings given to such terms as set forth in this Section 65 or as defined in the Glossary or elsewhere in this Agreement.
“Clover” means Clover Network, Inc.
“Clover Marks” means the trademarks or service marks of Clover, an affiliate of Processor.
“Clover Service” means the website associated with the Clover Service, the object code version of Clover software applications (whether owned or licensed by Clover) resident on a Device at the time we provide you with the Device and the object code version of the software that enables the applications resident on a Device at the time of provisioning, and any related updates (including software maintenance or bug fixes) that are designed to assist with the management of your business and enable payment processing at the point of sale, and any materials, documentation and derivative works released by Processor from time to time. For the avoidance of doubt, the term software in the preceding sentence does not include any software that may be obtained by you separately from the Clover Service (e.g., any applications downloaded by you through an application marketplace). The Clover Service is deemed part of the “Services,” as defined in and provided under the Agreement. “Customer” means a Person who makes a purchase of goods or services from you, the transaction for which utilizes the Clover Service.
“Customer Information” means information about your Customers (e.g., name, mailing address, e-mail address, telephone number) obtained in connection with your use of the Clover Service.
“Device” means a tablet, smartphone, or other mobile or fixed form factor identified by Processor from time to time as compatible with and capable of supporting the Clover Service.
“Third Party Services” are the services, products, promotions or applications provided by someone other than Processor.
65.2 License Grant. During the term of the Agreement, Processor grants you a personal, limited, non-exclusive, revocable, non-transferable license, without the right to sublicense or assign in any way, to electronically access and use the Clover Service solely in the United States to manage your establishment and conduct associated point of sale activities within the United States in accordance with the terms of this Section 65. For purposes of this Section 65, “United States” does not include U.S. Territories or possessions. The Clover Service is for your internal business use only. This Section 65 does not grant you any rights to the Clover Marks. All intellectual property and proprietary rights in or related to the Clover Service and the Clover Marks are and will remain our, our affiliates’, our vendors’, or our licensors’ (as applicable) sole and exclusive property, and any and all right, title and interest associated with the Clover Service not expressly granted by Processor in this Section 65 are deemed withheld
65.3 Restrictions. You may not, nor may you permit any third party to do any of the following: (a) access or attempt to access the Clover Service (or any part) that is not intended or made available for public use; (b) decompile, disassemble, reverse engineer, or otherwise attempt to reconstruct or discover by any means any source code, underlying ideas or algorithms of the Clover Service (or any part), except to the extent that such restriction is expressly prohibited by law; (c) modify, translate, or alter in any manner, the Clover Service (or any part) or the Clover Marks; (d) create derivative works of or based on the Clover Service (or any part) or the Clover Marks; (e) except for backup and archival purposes, directly or indirectly copy the Clover Service (or any part); (f) republish, upload, post, transmit, disclose, or distribute (in any format) the Clover Service (or any part) except as permitted herein; (g) access or use (in any format) the Clover Service (or any part) through any time-sharing service, service bureau, network, consortium, or other means; (h) rent, lease, sell, sublicense, assign, or otherwise transfer your license rights to any third party, whether by operation of law or otherwise; (i) use or ship the Clover Service (or any part) outside of the United States, or access the Clover Service (or any part) from outside the United States, without in any case obtaining our advance written consent; (j) remove, relocate, or otherwise alter any proprietary rights notices from the Clover Service (or any part) or the Clover Marks; (k) perform or attempt to perform any actions that would interfere with the proper working of the Clover Service, prevent access to or use of the Clover Service by other users, or in our reasonable judgment impose an unreasonable or disproportionately large load on our infrastructure, network capability or bandwidth; or (l) use the Clover Service (or any part) except as permitted in subsection 65.2 above. You shall not take any action inconsistent with the stated title and ownership in subsection 65.2 above. You will not file any action, in any forum that challenges the ownership of any part of the Clover Service, any related software, materials or documentation. Failure to comply with this provision will constitute a material breach of this Agreement. We have the right to immediately terminate your access to and use of the Clover Service in the event of a challenge by you.
65.4 Clover Service Limitations and Requirements
65.4.1 You may access the Clover Service through your Device using a wired (ethernet) or wireless (wifi or cellular) connection to the Internet. You are solely responsible for the payment of any fees that may be imposed by your Internet/data provider. Your use of the Clover Service may be subject to: (a) the terms of your agreements with your Internet/data provider; and (b) the availability or uptime of the services provided by your Internet/data provider.
65.4.2 You may use the Clover Service to conduct point of sale activities offline; transactions initiated offline will be queued and submitted for authorization when Internet connectivity to the Clover System is restored. However, you assume all risk, responsibility and liability associated with any transaction that you choose to conduct while the Clover Service is used offline.
65.4.3 The Clover Service does not function with every mobile device. Processor may alter which Devices are approved as compatible with the Clover Service in our discretion from time-to-time.
65.4.4 We may perform maintenance on the Clover Service from time to time which may result in service interruptions, delays, or errors. We will not be liable for any such interruptions, delays, errors, or bugs. You agree that we may contact you in order to assist you with the Clover Service and obtain information needed to identify and fix any errors.
65.4.5 You shall at all times comply with any operating procedures, requirements, or guidelines regarding your use of the Clover Service that are posted on the Clover website or otherwise provided or made available to you (collectively, “Clover Ops Guide”).
65.4.6 You shall comply with the following requirements in connection with your use of the Clover Service:
- a) With respect to each Customer who requests the delivery of transaction receipts via text message or email, such Customer must enter his phone number or email address in the appropriate space displayed on the Device himself; you are NOT permitted to add or modify any Customer Information (including but not limited to phone number and email address) on behalf of a Customer.
- b) With respect to each Customer who desires to receive marketing material or other communications from you via text message or email, such Customer must check the appropriate consent check box displayed on the Device himself; you are NOT permitted to add or modify a Customer’s consent indication on his behalf.
- c) You (or your agents acting on your behalf) may only send marketing materials or other communications to the Customer’s provided phone number, street address, and /or email address if the Customer has specifically consented by checking (himself) the applicable box displayed on the Device.
- d) NOTWITHSTANDING THE CAPABILITY OF THE CLOVER SERVICE TO COLLECT AND STORE CUSTOMER INFORMATION AND TO ALLOW YOUR CUSTOMERS TO ELECT TO RECEIVE MARKETING MATERIALS FROM YOU, SOME STATES MAY LIMIT YOUR USE OF SUCH INFORMATION ONCE COLLECTED, EVEN IF THE CUSTOMER HAS PROVIDED HIS CONSENT, AND/OR YOUR DISCLOSURE OF SUCH INFORMATION TO THIRD PARTIES. YOU ACKNOWLEDGE AND AGREE THAT (I) YOUR USE OF CUSTOMER INFORMATION OBTAINED IN CONNECTION WITH THE CLOVER SERVICE MAY BE SUBJECT TO LOCAL, STATE, AND/OR FEDERAL LAWS, RULES, AND REGULATIONS, (II) YOU ARE SOLELY RE SPONS -IBLE FOR KNOWING SUCH LAWS, RULES, AND REGULATIONS, AND (III) YOU WILL AT ALL TIME STRICTLY COMPLY WITH ALL SUCH LAWS, RULES, AND REGULATIONS.
- e) If TransArmor software is resident on your Device at the time we provide you with the Device and therefore part of the Clover Service, it will be used to perform such encryption and tokenization (“TransArmor Service”) and the additional terms set forth in Section 38 apply. However you will only receive the applicable TransArmor service subscribed by you as set forth in the Application.
- f) You are responsible to provide and obtain any disclosures and consents related to the E-SIGN Act that may be required in connection with your communications and agreements with your Customers.
65.5 Fees. You shall pay Processor the fees for Clover Service asset forth on the Application.
65.6 Term and Termination. The Clover Service may be terminated at any time by either party upon thirty (30) days’ written notice to the other party. Notwithstanding the foregoing sentence, upon as much advance notice as is commercially practicable, we may suspend or terminate the Clover Service if (a) we determine that you are using Clover Service for any fraudulent, illegal, or unauthorized purpose, (b) you violate the terms of this Section 65 or an Event of Default occurs under the Agreement, (c) we terminate our agreement with any third parties that are involved in providing the Clover Service, or (d) Processor otherwise decides to discontinue providing the Clover Service. You acknowledge and agree that an occurrence of (a) or (b) above may be deemed an Event of Default under the Agreement, thereby affording Processor and Bank all rights and remedies as set forth in the Agreement triggered by such an Event of Default, which may include immediate termination of the Agreement without notice.
65.7 Third Party Services. The Clover Service may contain links to Third Party Services (e.g., an application marketplace). If you decide to use Third Party Services, you will be responsible for reviewing and understanding the terms and conditions associated with Third Party Services (including obtaining and maintaining any required third party hardware and /or software that is required for the Third Party Services to work with the Clover Service). Your access of any Third Party Services is at your own risk. Third Party Services are not governed by the terms and conditions of this Section 37 or the Agreement. ANY CONTENT DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THIRD PARTY SERVICES (E.G., APPLICATION MARKETPLACE AND ANY APPS AVAILABLE AT SUCH APPLICATION MARKETPLACE) IS DOWNLOADED AT YOUR OWN RISK. PROCESSOR WILL NOT BE RESPONSIBLE FOR ANY ACTIONS OR ANY FAILURES TO ACT OF ANY THIRD PARTY, AND PROCESSOR EXPRESSLY DISCLAIMS ANY LIABILITY RELATED TO ALL THIRD PARTY SERVICES. PROCESSOR DOES NOT WARRANT, ENDORSE, GUARANTEE, OR ASSUME RESPONSIBILITY FOR ANY THIRD PARTY SERVICE OR PRODUCT ADVERTISED OR OFFERED THROUGH THE CLOVER SERVICE OR ANY HYPERLINKED WEBSITE OR SERVICE, OR FEATURED IN ANY BANNER OR OTHER ADVERTISING, AND PROCESSOR WILL NOT BE A PARTY TO OR IN ANY WAY MONITOR ANY TRANSACTION BETWEEN YOU AND PROVIDERS OF THIRD PARTY SERVICES OR PRODUCTS.
65.8 Account Registration. We may require you to register and create a “Member” or “Merchant” account to use the Clover Service. If and when prompted by our registration process, you agree to (a) provide true, accurate, current and complete information about yourself and/or your business, and (b) maintain and update this information to keep it true, accurate, current and complete. If any information provided by you is untrue, inaccurate, not current or incomplete, we have the right to terminate your Clover Service account (“Account”) and refuse any and all current or future use of the Clover Service.
65.9 Privacy and Data Use. All data collected from you at www.clover.com or in connection with your use of the Clover Service, including Customer Information and information about your business and employees used with or stored in or by the Clover Services (collectively, “Account Data”), is collected by Clover and not Processor or Bank; therefore, the use and sharing of such Account Data is controlled by the Clover Privacy Policy (available at https://www.clover.com/ privacy_policy). You acknowledge and agree that we may access your Account Data upon our request to Clover, and our use of your Account Data is governed by the terms set forth in the Agreement.
65.10 Protecting Your Information. You are solely responsible for ensuring that your account numbers, passwords, security questions and answers, login details and any other security or access information used by you to use or access the Clover Service are kept safe and confidential. You must prevent unauthorized access to and use of any Account Data. You are responsible for all electronic communications sent to us or to any third party (including Clover) containing Account Data. When we receive communications containing Account Data, we assume you sent it to us. You must immediately notify us if you become aware of any loss, theft or unauthorized use of any Account Data. We reserve the right to deny you access to the Clover Service, in whole or in part, if we believe that any loss, theft or unauthorized use of any Account Data or access information has occurred.
65.11 Accuracy of Information. You are solely responsible for ensuring the accuracy of all information and data regarding your business that you provide to us or our service providers in connection with the Clover Service (e.g., menus loaded onto the Device). In addition, you are solely responsible for verifying that all information and data loaded onto a Device by us or our service providers at your request are accurate prior to your business use of such Device. We and our service providers disclaim any and all liability arising out
65.12 Clover Service Disclaimer. USE OF THE CLOVER SERVICE OR ANY EQUIPMENT PROVIDED WITH THE CLOVER SERVICE IS AT YOUR OWN RISK. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE CLOVER SERVICE IS PROVIDED “AS IS” AND PROCESSOR MAKES NO REPRESENTATIONS OR WAR -RANTIES OF ANY KIND (EXPRESS OR IMPLIED) WITH REGARD TO THE CLOVER SERVICE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF ACCURACY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-IN FRINGE – MENT, OR THAT THE CLOVER SERVICE WILL FUNCTION UNINTER RUPTED OR ERROR-FREE, OR THAT THE CLOVER SERVICE IS SECURE, FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS OR THAT ANY DEFECTS OR ERRORS WILL BE CORRECTED.
65.13 Indemnity. Without limiting your indemnification obligations in the Agreement, you agree to indemnify and hold us harmless from and against all losses, liabilities, damages, and expenses (including reasonable attorneys’ fees) arising out of or relating to:
- a) Your failure to comply with all terms and conditions in this Section 65, including but not limited to the Clover Ops Guide;
- b) Your use of any Customer Information obtained in connection with your use of the Clover Service;
- c) The content or delivery of any marketing messages that you send or cause to be sent to any Customer phone number or email address collected through the use of the Clover Service; or
- d) Any other party’s access and/or use of the Clover Service with your unique username, password, or other appropriate security code.
65.14 Notices. We may provide notices and other information regarding the Clover Service to you via the method(s) described in the Agreement or in the E-Sign Consent Agreement set forth below.
65.15 Amendment. We have the right to change or add to the terms of this Section 65 at any time, and to change, delete, discontinue, or impose conditions on any feature or aspect of the Clover Service with notice provided to you as set forth in subsection 65.14 above. Any use of the Clover Service after our publication of any such changes shall constitute your acceptance of this Agreement as modified.
65.16 Ideas. You may choose or we may invite you to submit comments or ideas about the Clover Service, including, without limitation, about how to improve the Clover Service (“Ideas”). By submitting any Idea, you agree that: (a) we expressly disclaim any confidentiality obligations or use restrictions, express or implied, with respect to any Idea, (b) your submission will be non-confidential, and (c) we are free to use and disclose any Idea on an unrestricted basis without notifying or compensating you. You release us from all liability and obligations that may arise from our receipt, review, use or disclosure of any portion of any Idea.
65.17 Third Party Beneficiaries. Processor’s Affiliates and any Persons Processor uses in providing the Clover Service are intended third party beneficiaries of this Section 65, and each of them may enforce its provisions as if it was a party hereto. Except as expressly provided in this subsection 65.17, nothing in this Section 65 is intended to confer upon any Persons any rights or remedies, and the parties do not intend for any Persons to be third-party beneficiaries of this Section 65.
- Special Provisions Regarding Clover Go Services
(Mobile Payments)
If you elect to use the Clover Go Service, the following additional terms and conditions of this Section 66 shall apply.
The Clover Go service is provided to you by Processor and not Bank. The Clover Go service, transactions processed, and other matters contemplated under this Section 66 are subject to the terms and conditions of the Agreement, as applicable, except to the extent the terms of this Section 66 directly conflict with another provision of the Agreement, in which case the terms of this Section 66 will control; provided however, Bank is not a party to this Agreement insofar as it applies to the mobile payments service, and you acknowledge that Bank is not liable to you in any way with respect to the mobile payments service. For the purposes of this Section, 66, the words “we,” “our” and “us” refer only to the Processor and not the Bank.
66.1. Your mobile payments service (“Clover Go Service”) enables you to accept card-based payments using (a) a smart phone or other supported mobile device that you provide,(b) an approved card reader you obtain from us (“Clover Go Reader”), and (c) an application (“Clover Go App”) that you download from the Apple App Store or Google Play. The Clover Go Service does not support offline point of sale activities and requires Internet connectivity for proper functioning. We may update the Clover Go Service from time to time.
66.2. Only Apple iOS and Google Android operating systems are compatible with the Clover Go Service, and only certain types of mobile devices using Apple iOS and Google
Android are supported for the Clover Go App and Clover Go Service. Please contact us for information on whether a particular mobile device is supported for the Clover Go App and Clover Go Service.
66.3. Additional terms of use (“Clover Go Terms”) apply to the Clover Go Service. From time to time, Clover Go Terms will be presented to you electronically on an “in- application” basis, and you will be required to “click to agree” before being permitted to use the Clover Go App. If we update the Clover Go Terms you will be required to “click to agree” to the updated Clover Go Terms in order to use the Clover Go App again.
66.4. TO USE THE CLOVER GO SERVICE, YOU MUST ALSO BE USING, AT A MINIMUM, THE TRANSARMOR DATA PROTECTION SERVICE, which is sometimes referred to as “TransArmor Tokenization and Encryption”. You may also choose to use the Clover Security Plus Solution Services, which includes the TransArmor Data Protection Service.
66.5. If you are already using the single-token version of either the TransArmor Data Protection Service or Clover Security Plus Services, then no additional TransArmor products are needed for the Clover Go Service.
66.6. If you are using the Payeezy Gateway or if you accept card-not-present payments (for example, Internet payments), you may need a different TransArmor product. Please contact us for information.
66.7. If you are not already using a TransArmor product, then you must first sign an agreement for an eligible TransArmor product.
66.8. USE OF CLOVER GO READERS IS AT YOUR OWN RISK. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CLOVER GO READERS ARE PROVIDED “AS IS,” AND WE MAKE NO REPRESENTATIONS OR WARRANTIES OF ANY KIND (EXPRESS OR IMPLIED) WITH RESPECT TO CLOVER GO READERS, INCLUDING BUT NOT LIMITED TO: (a) WARRANTIES OF QUALITY, ACCURACY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NON-INFRINGEMENT, (b) ANY WARRANTY THAT THE CLOVER GO READERS WILL FUNCTION UNINTERRUPTED OR ERROR-FREE, (c) ANY WARRANTY THAT ANY DEFECTS OR ERRORS WILL BE CORRECTED, OR (d) ANY WARRANTY THAT THE CLOVER GO READERS ARE SECURE, FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS.
- Special Provisions Regarding Wireless Service
If you elect to purchase the Wireless Services from us as indicated on the Application, then the following terms and conditions of this Section 67, referred to as the “Wireless Services Terms,” shall apply. THE WIRELESS SERVICES ARE BEING SOLD TO YOU FOR USE IN BUSINESS AND ARE NOT BEING SOLD TO YOU FOR HOUSEHOLD OR PERSONAL USE.
Sale of Wireless Services is made by Processor and not the Bank. The Services provided, transactions processed and other matters contemplated under this Section 67 are subject to the rest of this Agreement, as applicable, except to the extent the terms of this Section 67 directly conflict with another section of this Agreement, in which case the terms of this Section 67 will control; provided, however, that Bank is not a party to this Agreement insofar as it relates to Wireless Services, and Bank is not liable to you in any way with respect to such services. For the purposes of this section, the words “we,” “our” and “us” refer only to the Processor and not to the Bank.
Through one or more third party vendors (“Wireless Vendor(s)”) selected by us in our sole discretion, we have acquired the right to resell certain wireless data communication services that use radio base stations and switching offered by certain cellular telephone and data networks throughout the country (the “Wireless Networks”) in order to allow you to capture and transmit to Processor and Bank certain wireless Card Authorization transactions or to transmit other communications to our system (“Wireless Services”).
If you elect to purchase voice and/or data services directly from a third party provider for use with the Wireless Equipment as permitted by Processor, you acknowledge and agree that this Agreement does not address or govern those voice and/or data services or your relationship with that third party provider, and Servicers are in no way responsible for providing, maintaining, servicing or supporting such third party voice and/or data services.
67.1 Purchase of Wireless Services. The prices that you will pay for the Wireless Services are set forth on the Application. In connection with your purchase of Wireless Services, you will receive access to a certain Wireless Network(s).
- Licenses. You agree to obtain any and all licenses, permits or other authorizations required by the Federal Communications Commission (“FCC”) or any other regulatory authority, if any, for the lawful operation of Wireless Equipment used by you in connection with your receipt of Wireless Services. You will promptly provide us with all such information as we may reasonably request with respect to matters relating to the rules and regulations of the FCC.
- Wireless Equipment. You agree that in order to access the Wireless Services, you must use wireless POS Terminals and accessories approved for use with the Wireless Services by Processor from time to time in its sole discretion (the “Wireless Equipment”). If Wireless Equipment is purchased by you from us as indicated on the Application, then the terms of this Agreement apply to your use of such Wireless Equipment.
- Improvements/General Administration. We and the Wireless Vendor(s) reserve the right to make changes, from time to time, in the configuration of the Wireless Services, Wireless Networks, Wireless Equipment, Wireless Software, rules of operation, accessibility periods, identification procedures, type and location of equipment, allocation and quantity of resources utilized, programming languages, administrative and operational algorithms and designation of the control center serving you at the particular address.
In addition, we reserve the right to schedule, from time to time, interruptions of service for maintenance activities.
- Suspension of Wireless Services. We or a Wireless Network may suspend the Wireless Services to: (a) prevent damages to, or degradation of, our or a Wireless Network’s network integrity that may be caused by a third party; (b) comply with any law, regulation, court order or other governmental request which requires immediate action; or (c) otherwise protect us or a Wireless Network from potential legal liability. To the extent commercially reasonable, we shall give notice to you before suspending the Wireless Services to you. If not commercially reasonable to give prior notice, we will give notice to you as soon as commercially practicable thereafter. Availability of the Wireless Services may vary due to events beyond the control of us or our Wireless Vendors. In the event of a suspension of the Wireless Services, we or the applicable Wireless Vendor will promptly restore the Wireless Services after the event giving rise to the suspension has been resolved.
67.2 Software Licenses. Processor hereby grants to you a non-exclusive, non- transferable, revocable limited sublicense to use any wireless software (including any documentation relating to or describing the wireless software) downloaded by you or your designee from Processor’s systems onto the Wireless Equipment in connection with your purchase and use of the Wireless Services in accordance with the terms of this Agreement, including this Section 67. Anything in this Agreement to the contrary notwithstanding, we or certain third parties retain all ownership and copyright interest in and to all Wireless Software, related documentation, technology, know-how and processes embodied in or provided in connection with the Wireless Software, and you shall have only a nonexclusive, non-transferable license to use the Wireless Software in your operation of the Wireless Equipment for the purposes set forth in this Agreement. Nothing in this Agreement confers any title or ownership of any such Wireless Software to you or shall be construed as a sale of any rights in any such Wireless Software to you. You agree to accept, agree to and be bound by all applicable terms and conditions of use and other license terms applicable to such Wireless Software. You shall not reverse engineer, disassemble or decompile the Wireless Software. You shall not give any Person access to the Wireless Software without our prior written consent. Your obligations under this Section 67.2 shall survive the termination of this Agreement. You acknowledge that the only right you obtain to the Wireless Software is the right to use the Wireless Software in accordance with the terms in this Section.
67.3 Limitation on Liability. We shall have no liability for any warranties by any party with respect to uninterrupted Wireless Services, as set forth in Section 67.10, or for any Person’s unauthorized access to Client’s data transmitted through either the Wireless Equipment or Wireless Services (including the Wireless Software), or Wireless Networks, regardless of the form of action (whether in contract, tort (including negligence), strict liability or otherwise). The foregoing notwithstanding, for any other liability arising out of or in any way connected with these Wireless Services terms, including liability resulting solely from loss or damage caused by partial or total failure, delay or nonperformance of the Wireless Services or relating to or arising from your use of or inability to use the Wireless Services, Processor’s, Bank’s, and Wireless Vendor(s)’ liability shall be limited to your direct damages, if any, and, in any event, shall not exceed the lesser of the amount paid by you for the particular Wireless Services during any period of failure, delay, or nonperformance of the Wireless Services or $50,000.00. In no event shall Servicers, Wireless Vendor(s) or our respective Affiliates be liable for any indirect incidental, special, consequential or punitive damages. The remedies available to you under these Wireless Services Terms will be your sole and exclusive remedies with respect to the Wireless Services.
67.4 Indemnification. In addition to any other indemnifications as set forth in this Agreement, you will indemnify and hold Servicers, Wireless Vendor(s) and our respective officers, directors, employees, and Affiliates harmless from and against any and all losses, claims, liabilities, damages, costs or expenses arising from or related to: (a) the purchase, delivery, acceptance, rejection, ownership, possession, use condition, liens against, or return of the Wireless Equipment or the Wireless Equipment (including the Wireless Software), as applicable; (b) your negligent acts or omissions; (c) any breach by you of any of your obligations under this Section 67; or (d) any Person’s unauthorized access to Client’s data and/or unauthorized financial activity occurring on your Merchant Identification Number hereunder, except to the extent any losses, liabilities, damages or expenses result from our gross negligence or willful misconduct.
67.5 Confidentiality. All information or materials which could reasonably be considered confidential or competitively sensitive that you access from or relate to either Wireless Vendor(s) or Servicers related to the subject matter of these Wireless Services Terms will be considered confidential information. You will safeguard our confidential information with at least the same degree of care and security that you use for your confidential information, but not less than reasonable care.
67.6 Termination. In addition to any other provision in this Agreement, the Wireless Services being provided under this Section 67 may terminate:
- a) Immediately upon termination of the agreement between us (or our Affiliates) and Wireless Vendor(s), provided that we will notify you promptly upon our notice or knowledge of termination of such agreement, provided further that if Wireless Vendor(s) loses its authority to operate less than all of the Wireless Services or if the suspension of any authority or non-renewal of any license relates to less than all of the Wireless Services, then these Wireless Services Terms will terminate only as to the portion of the Wireless Services affected by such loss of authority, suspension or non- renewal; or
- b) Immediately if either we or our Affiliates or Wireless Vendor(s) are prevented from providing the Wireless Services by any law, regulation, requirement, ruling or notice issued in any form whatsoever by judicial or governmental authority (including without limitation the FCC).
67.7 Effect of Termination. Upon termination of these Wireless Services Terms for any reason, you will immediately pay to us all fees due and owing to us hereunder. If these Wireless Services terms terminate due to a termination of the agreement between us or our Affiliates and Wireless Vendor(s), then we may, in our sole discretion, continue to provide the Wireless Services through Wireless Vendor(s) to you for a period of time to be determined as long as you continue to make timely payment of fees due under these Wireless Services Terms.
67.8 Third Party Beneficiaries. Wireless Vendor(s) are third party beneficiaries of these Wireless Services Terms and may enforce its provisions as if a party hereto.
67.9 Other Applicable Provisions. You also agree to be bound by all other terms and conditions of this Agreement.
67.10 Disclaimer. Wireless Services use radio transmissions, so Wireless Services can’t be provided unless your Wireless Equipment is in the range of one of the available Wireless Networks’ transmission sites and there is sufficient network capacity available at that moment. There are places, particularly in remote areas, with no service at all. Weather, topography, buildings, your Wireless Equipment, and other conditions we don’t control may also cause failed transmissions or other problems. PROCESSOR, BANK, AND WIRELESS VENDOR(S) DISCLAIM ALL REPRESENTATIONS AND WARRANTIES RELATING TO WIRELESS SERVICES. WE CANNOT PROMISE UNINTERRUPTED OR ERROR-FREE WIRELESS SERVICE AND DO NOT AUTHORIZE ANYONE TO MAKE ANY WARRANTIES ON OUR BEHALF.
- Special Provisions Regarding Clover Security Plus
Clover Security Plus consists of a POS security monitor, the TransArmor Data Protection service, and tools that you can use to help you meet your PCI DSS compliance obligations. Each of these services is described in more detail below. Clover Security Plus is provided to you by Processor and not by Bank. Clover Security Plus is available only for Level 3 and Level 4 merchants, as defined by the Payments Organizations. Clover Security Plus is not available for Level 1 or Level 2 merchants.
68.1 The POS security monitor offers you monitoring, scanning, and anti-virus software services for your point of sale computer systems. The TransArmor Data Protection service is described in Sections 68.14 and 68.15.
68.2 Scanning Authority; Scanning Obligations. You represent and warrant that you have full right, power, and authority to consent for Clover Security Plus to scan for vulnerabilities in the IP address and/or URL and/or domain names identified to us by you for scanning, whether electronically or by any other means, whether during initial enrollment or thereafter. If applicable, you shall obtain all consents and authorizations from any third parties necessary for us or our vendors to perform the Clover Security Plus services, including, without limitation, third party data centers, co-locations and hosts. We will not be required to execute agreements with any such third parties. You agree to defend, indemnify and hold us and our vendors harmless from any third party claim that such access was not authorized. You may use Clover Security Plus and portals only to scan IP addresses, URLs and domain names owned by and registered to you. You understand that your failure to provide a complete list of and complete access to your IP addresses will significantly impair the scanning services and may result in incomplete or inaccurate results. You agree that the Clover Security Plus services hereunder, including without limitation their functionality and contents, constitute confidential information, and your use and/or access to the Clover Security Plus is subject to the terms of confidentiality set forth in this Agreement.
68.3 Data Collection. In the course of providing the Clover Security Plus, we may collect information relating to activities on your network (the “Data”) including, but not limited to: network configuration, TCP/IP packet headers and contents, log files, malicious codes, and Trojan horses. We retain the right to use the Data or aggregations thereof for any reasonable purpose.
68.4 Data Protection; Responsibilities of Client. Data Protection applies only to card transactions sent from you to us for authorization and settlement pursuant to the Agreement, and specifically excludes electronic check transactions. You are responsible to comply with the following regarding your use of Data Protection:
(a) Data Protection can only be used with an eligible POS device, gateway, interactive voice response system, or similar system or equipment sale device, gateway, that is certified by us for use with Data Protection. If you are uncertain whether your equipment is eligible or certified, please contact us. It is your responsibility to ensure that you have eligible equipment in order to use Data Protection.
(b) You must demonstrate and maintain your current PCI DSS compliance certification. Compliance must be validated either by a Qualified Security Assessor (QSA) with corresponding Report on Compliance (ROC) or by successful completion of the applicable PCI DSS Self-Assessment Questionnaire (SAQ) or Report on Compliance (ROC), as applicable, and if applicable to your business, passing quarterly network scans performed by an Approved Scan Vendor, all in accordance with card organization rules and PCI DSS. Use of the Data Protection will not, on its own, cause you to be compliant or eliminate your obligations to comply with PCI DSS or any other Card Organization Rule. You must also ensure that all third parties and software that you use for payment processing comply with the PCI DSS.
(c) You must deploy Data Protection (including implementing any upgrades to such service within a commercially reasonable period of time after receipt of such upgrades) throughout your systems including replacing existing Card numbers on your systems with Tokens. Full Card numbers must never be retained, whether in electronic form or hard copy.
(d) You must use the Token in lieu of the Card number for ALL activities subsequent to receipt of the authorization response including, settlement processing, retrieval processing, chargeback and adjustment processing and transaction reviews.
(e) If you send or receive batch files containing completed Card transaction information to/from us, you must use the service provided by us to enable such files to contain only Tokens or truncated information.
(f) You must use truncated report viewing and data extract creation within reporting tools provided by us.
(g) You are required to follow rules or procedures we may provide to you from time to time regarding your use of Data Protection. We will provide you with advance written notice of any such rules or procedures or changes to such rules or procedures.
(h) You will use only unaltered version(s) of Data Protection and will not use, operate or combine Data Protection or any related software, materials or documentation, or any derivative works thereof with other products, materials or services in a manner inconsistent with the uses contemplated in this section.
(i) You will promptly notify us of a breach of any these terms.
68.5 Tokenization Limited Warranty. Subject to the terms of this Agreement, we (i) warrant that each token returned to you through Data Protection cannot be used to initiate a financial sale transaction by an unauthorized entity/person outside your point of sale systems and facilities where you process and /or store transaction data (the “Limited Warranty”); and (ii) agree to indemnify and hold you harmless from direct damages, including third party claims, resulting from our breach of the Limited Warranty. This express remedy for our breach of the Limited Warranty constitutes our entire liability and your sole and exclusive remedy for our breach of the Limited Warranty.
The Limited Warranty is void if (a) you use Data Protection in a manner not contemplated by, or you are otherwise in violation of, this Agreement or any other agreement relating to Cards eligible for Data Protection; (b) you are grossly negligent or engage in intentional misconduct; or (c) you no longer have a processing relationship with us.
68.6 Disclaimer; Clover Security Plus Does Not Guarantee Compliance or Security.
68.6.1 USE OF CLOVER SECURITY PLUS, SOFTWARE OR ANY EQUIPMENT (INCLUDING ANY SERVICES, SOFTWARE OR EQUIPMENT PROVIDED BY OR THROUGH A THIRD PARTY) IS AT YOUR OWN RISK AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW THE CLOVER SECURITY PLUS, EQUIPMENT AND ANY SOFTWARE IS PROVIDED “AS IS” AND WE DISCLAIM ALL REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, MADE TO YOU OR ANY OTHER PERSON, INCLUDING ANY WARRANTIES REGARDING QUALITY, SUITABILITY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR THAT THE CLOVER SECURITY PLUS, EQUIPMENT OR ANY SOFTWARE WILL OPERATE UNINTERRUPTED OR ERROR FREE OR THAT THE CLOVER SECURITY PLUS, EQUIPMENT OR SOFTWARE ARE SECURE, FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS, OR DO NOT INFRINGE THE RIGHTS OF ANY PERSON.
68.6.2 YOU MUST COMPLY WITH ALL RULES OR PROCEDURES RELATING TO CLOVER SECURITY PLUS (OR ANY COMPONENT OF CLOVER SECURITY PLUS) THAT WE GIVE YOU FROM TIME TO TIME. YOU MUST ALSO IMPLEMENT ALL UPDATES TO CLOVER SECURITY PLUS WITHIN A REASONABLE PERIOD OF TIME AFTER YOU RECEIVE THEM. YOU ARE SOLELY RESPONSIBLE FOR BACKING UP AND/OR OTHERWISE PROTECTING YOUR DATA, SYSTEMS, AND SERVICE.
68.6.3 Use of Clover Security Plus does not (a) guarantee compliance with any laws, Rules, or applicable standards (including the PCI DSS), (b) affect your obligation to comply with laws, Rules, and applicable standards (including the PCI DSS), or (c) guarantee protection against a Data Incident. Your use of Clover Security Plus involves inherent risks, including system performance, availability, and data corruption. We make no promise, and disclaim all warranties of any kind, that the use of Clover Security Plus will detect all vulnerabilities on your system, or that our vulnerability assessments, suggested solutions, information, or advice is error-free or complete.
68.7 Intellectual Property Rights.
68.6.1 All right, title, and interest in and to all confidential information and intellectual property related to the Clover Security Plus (including the Marks, all Software , the content of any materials, web screens, layouts, processing techniques, procedures, algorithms, and methods and any updates, changes, alterations, or modifications to or derivative works from such intellectual property), owned, developed or licensed by us prior to, during the term of, or after this Agreement, or employed by us in connection with the Clover Security Plus, shall be and remain, as among the Parties or our Affiliates’, our vendors’ or our licensors’ (as applicable) sole and exclusive property, and all right, title and interest associated with the Clover Security Plus, Equipment and Software not expressly granted by us in this Agreement are deemed withheld. You may not use our Marks in any manner, including in any advertisements, displays, or press releases, without our prior written consent.
68.6.2 You may not, nor may you permit any third party to do any of the following: (a) decompile, disassemble, reverse engineer, or otherwise attempt to reconstruct or discover by any means any source code, underlying ideas or algorithms of the Clover Security Plus, Software or Equipment (or any part), except to the extent that such restriction is expressly prohibited by law; (b) modify, translate, or alter in any manner, the Clover Security Plus, Software or Equipment (or any part) or the Marks; (c) create derivative works of or based on the Clover Security Plus (or any part), Software or the Marks; (d) except for backup and archival purposes, directly or indirectly copy the Clover Security Plus or any Software (or any part); (e) republish, upload, post, transmit, disclose, or distribute (in any format) the Clover Security Plus or Software (or any part) except as permitted in this Agreement; or (f) remove, relocate, or otherwise alter any proprietary rights notices from the Clover Security Plus, Software or Documentation (or any part) or the Marks.
68.6.3 If we provide you with copies of or access to any Software or Documentation, unless otherwise expressly stated in writing, that Software and Documentation is provided on a personal, non-exclusive, non-transferable, non-assignable, revocable limited license for the period of your subscription to the applicable Clover Security Plus service and solely for you to access and use the Software and Documentation to receive the relevant Clover Security Plus service for its intended purpose on systems owned or licensed by you. Software can only be used with certain computer operating systems and it is your responsibility to ensure that you have the appropriate hardware and software to use the Software.
68.6.4 You shall not take any action inconsistent with the stated title and ownership in this Section 68. You will not file any action, in any forum that challenges the ownership of any part of the Clover Security Plus or any software, materials or Documentation. Failure to comply with this provision will constitute a material breach of this Agreement. We have the right to immediately terminate your access to and use of the Clover Security Plus in the event of a challenge by you.
68.6.5 If you are acquiring any of the Clover Security Plus services on behalf of any part of the United States Government (Government): any use, duplication, or disclosure by the Government is subject to the restrictions set forth in subparagraphs (a) through (d) of the Commercial Computer Software-Restricted Rights clause at FAR 52.227-19 when applicable, or in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013, and in similar clauses in the NASA FAR Supplement; (b) we are the contractor/manufacturer, with the address set forth in this Agreement; and (c) any use, modification, reproduction, release, performance, display or disclosure of Clover Security Plus and /or the accompanying documentation by the Government or any of its agencies shall be governed solely by the terms of this Agreement and shall be prohibited except to the extent expressly permitted by this Agreement.
68.8 Software Updates, Maintenance and Changes.
68.6.1 We may perform maintenance on Software or Clover Security Plus which may result in service interruptions, delays, or errors. We will not be liable for any such interruptions, delays, errors, or bugs. You agree that we may contact you in order to assist you with the Software or Services and obtain information needed to identify and fix any errors. We may, at our discretion, release enhancements, improvements or other updates to any Software, or otherwise make any changes to the Clover Security Plus (or any part).
68.6.2 You acknowledge and understand that certain Software can automatically install, download, and /or deploy updated and /or new components, which may include a new version of the Software itself. You shall not, in any event or in any manner, impede the update process. You agree to assume full responsibility and indemnify us for all damages and losses, of any nature, for all adverse results or third party claims arising from your impeding the update process.
68.9 Accessing Services via the Internet or third parties. You agree that we shall not be liable to you for any claims, damages, losses, obligations, costs or expenses or other liability arising directly or indirectly from or otherwise concerning (a) any termination, suspension, delay or disruption of service (including billing for a service) by the internet, any common carrier or any third party service provider; (b) any failure, disruption or malfunction of the Clover Security Plus, the Internet, or any communications network, facility or equipment beyond our or a third party’s reasonable control, whether or not attributable to one or more common carriers; or (d) any failure to transmit, obtain or collect data or for human, machine or software errors or faulty or erroneous input by you.
68.10 Access and Use of Services.
68.6.1 Unless we otherwise agree in writing, the Clover Security Plus shall be for your internal business use in the United States and US territories or possessions only.
68.6.2 You shall not and shall not permit any third party to: (a) access or attempt to access any of the Clover Security Plus service that is not intended to be available to you;
(b) access or use (in any format) the Clover Security Plus (or any part) through any time- sharing service, service bureau, network, consortium, or other means; (c) without our advanced written consent, use, ship or access TransArmor (or any part) outside or from outside of the United States; (d) perform or attempt to perform any actions that would interfere with the proper working of any part of the Clover Security Plus, prevent access to or use of any of the Clover Security Plus by other users, or in our reasonable judgment, impose a large load on our infrastructure, network capability or bandwidth; or (e) use the Clover Security Plus (or any part) except as permitted in this Agreement.
68.6.3 We have the right to rely on user names, password and other sign on credentials/access controls for the Clover Security Plus or any Software (including
Federated Single Sign-on credentials) provided or approved by us to authenticate access to, and use of, the Services and any Software.
68.11 Indemnification. In addition to other indemnifications provided in this Agreement, you agree to indemnify and hold us, our Affiliates and third party service providers harmless from and against all losses, liabilities, damages and expenses arising from (a) your use of the Clover Security Plus, including any Software or Equipment provided under this Agreement; or (b) any other person’s authorized or unauthorized access and/or use of the Clover Security Plus (or any part), Software or Equipment, whether or not using your unique username, password, or other security features.
68.12 Liability Waiver.
68.6.1 Subject to your subscribing to the entire Clover Security Plus bundle and to the terms of this Agreement, we agree to waive liability that you have to us under this Agreement for Security Event Expenses resulting from a Data Incident first discovered by you or us while you are receiving and utilizing the Clover Security Plus (the “Liability Waiver”).
68.6.2 The maximum amount of Liability Waiver for all Data Incident Expenses arising out of or relating to your Data Security Events first discovered during any Program Year regardless of the number of such Data Security Events is as follows:
- a) $100,000.00 maximum per each MID you have; and
- b) $500,000 aggregate maximum for all of your MID’s.
68.6.3 In addition to Section 68.11.2., the maximum amount of Liability Waiver during any TransArmor Program Year for EMV Upgrade Costs is further limited as follows:
- a) $10,000 maximum per each MID you have; and
- b) $25,000.00 aggregate maximum for all of your MID’s.
These limitations apply during each twelve-month period from June 1 through May 31 regardless of the number of Data Incidents you may experience.
68.6.4 All Data Incident Expenses resulting from the same, continuous, related or repeated event or facts will be deemed to arise out of one Data Incident for purposes of these limits. The Liability Waiver is available only while you are using and paying for Clover Security Plus.
68.6.5 The Liability Waiver will not apply to any of the following: (a) any Data Incident that began before you started using Clover Security Plus or that is reported to us after you stopped using Clover Security Plus; (b) any fines or assessments against you that are not the direct result of a Data Incident; (c) any repeated Data Incidents, unless between the repeated events a qualified security assessor certified you as PCI-compliant; (d) any routine or recurring expenses for security assessments, regulatory examinations, or compliance activities; (e) any Data Incident that occurs during any period of time that (1) a Payments Organization has categorized you as a Level 1 or Level 2 merchant, or (2) you have processed more than 6 million transactions during the 12-month period before the Data Incident; (f) any expenses (other than Data Incident Expenses) incurred to bring you into compliance with the PCI DSS or a similar security standard; or (g) any Data Incident Expenses that arise out of an uncontrollable event or any intentional, reckless, or grossly negligent misconduct on your part.
68.13 Export Compliance
68.6.1 You agree not to export or re-export any Software or Equipment or any underlying information except in full compliance with all applicable laws and regulations.
68.6.2 None of the Software or Equipment or any underlying information may be downloaded or otherwise exported or re-exported (a) to any country to which the United States has embargoed goods (or any national or resident thereof); (b) to anyone on the United States Treasury Department’s list of Specially Designated Nationals or the United States Commerce Department’s Table of Deny Orders; or (c) in any manner not in full compliance with the requirements of the United States Bureau of Industry and Security and all applicable Export Administration Regulations.
68.6.3 If you have rightfully obtained Software or Equipment or any underlying information outside of the United States, you agree not to re-export the same except as permitted by the laws and regulations of the United States and the laws and regulations of the jurisdiction in which you obtained it. You warrant that you are not located in, under the control of, or a national or resident of any such country or on any such list.
68.14 Definitions:
(a) Card Organization Assessment means a monetary assessment, fee, fine or penalty levied against you or us by a Card Organization as the result of (i) a Data Security Event or (ii) a security assessment conducted as the result of a Data Security Event; provided, that The Card Organization Assessment shall not exceed the maximum monetary assessment, fee, fine or penalty permitted upon the occurrence of a Data Security Event by the applicable rules or agreement in effect as of the inception date of this Agreement for such Card Organization;
(b) Cardholder Information means the data contained on a Card, or otherwise provided to Client, that is required by the Card Organization or us in order to process, approve and/or settle a Card transaction;
(c) Card Replacement Expenses means the costs that the we or you are required to pay by the Card Organization to replace compromised Cards as the result of (i) a Data Security Event or (ii) a security assessment conducted as the result of a Data Security Event;
(d) Data Protection is a Clover Security Plus service that provides encryption of cardholder data at your payment environment and replaces the data with a token or randomly generated number;
(e) Clover Security Plus is the suite of security services provided by us and known as TransArmor.
(f) Data Security Event means the actual or suspected unauthorized access to or use of Cardholder Information, arising out of your possession of or access to such Cardholder Information, which has been reported (i) to a Card Organization by you or us or (ii) to you or us by a Card Organization. All Security Event Expenses and Post Event Services Expenses resulting from the same, continuous, related or repeated event or which arise from the same, related or common nexus of facts, will be deemed to arise out of one Data Security Event;
(g) Documentation means any documents, instructions, web screen, layouts or any other materials provided by us relating to the Software or the Clover Security Plus;
(h) Equipment means equipment rented to or purchased by you under this Agreement and any documents setting out additional terms on which Equipment is rented to or purchased by you;
(i) EMV Upgrade Costs means cost to upgrade payment acceptance and processing hardware and software to enable you to accept and process EMV-enabled Card in a manner compliant with PCI Data Security Standards;
(j) Forensic Audit Expenses means the costs of a security assessment conducted by a qualified security assessor approved by a Card Organization or PCI Security Standards Council to determine the cause and extent of a Data Security Event;
(k) Liability Waiver has the meaning as set forth in Section 68.11.1 above;
(l) Marks means the names, logos, emblems, brands, service marks, trademarks, trade names, tag lines or other proprietary designations;
(m) Post Event Services Expenses means reasonable fees and expenses incurred by us or you with our prior written consent, for any service specifically approved by us in writing, including, without limitation, identity theft education and assistance and credit file monitoring. Such services must be provided by or on behalf of us or you within one (1) year following discovery of a Data Security Event to a Cardholder whose Cardholder Information is the subject of that Data Security Event for the primary purpose of mitigating the effects of such Data Security Event;
(n) Program Year means the period from November 1st through October 31st of each year;
(o) Security Event Expenses means Card Organization Assessments, Forensic Audit Expenses and Card Replacement Expenses. Security Event Expenses also includes EMV Upgrade Costs you agree to incur in lieu of a Card Organization Assessment;
(p) Software means all software, computer programs, related documentation, technology, know-how and processes embodied in the Equipment (i.e. firmware) or otherwise provided to you under this Agreement. For the avoidance of doubt, the term Software shall not include any third party software available as part of a service provided from someone other than us or our vendors or which may be obtained by you separately from the Clover Security Plus (e.g. any applications downloaded by you through an application marketplace);
(q) TransArmor PCI is a Clover Security Plus service that provides access to online PCI DSS Self-Assessment Questionnaires (SAQ) to validate PCI data standards: and
TransArmor Data Protection Service
68.15 The TransArmor Data Protection service encrypts cardholder data at the point of transaction and replaces it with a unique identifier (a token) that is returned with the authorization response. You must use the token you receive with the authorization response instead of the card number for all other activities associated with the transaction, including settlement, retrieval, chargeback, or adjustment processing as well as transaction reviews. If you fully deploy and use the TransArmor Data Protection service, the token returned to you with the authorization response cannot be used to initiate a financial sale transaction by an unauthorized person outside your point of sale systems or the systems where you store your transaction data. The TransArmor Data Protection service can only be used with a point of sale device, gateway, or service that we have certified as being eligible for the TransArmor Data Protection service. The TransArmor Data Protection Service is provided to you by Processor and not by Bank.
68.16 Use of the TransArmor Data Protection Service does not (a) guarantee compliance with any laws, Rules, or applicable standards (including the PCI DSS), (b) affect your obligation to comply with laws, Rules, and applicable standards (including the PCI DSS), or
(c) guarantee protection against a Data Incident.
- Special Provisions Regarding Non-Bank Cards
69.1 Non-Bank Card transactions are provided to you by Banktech and not by Bank and include transactions made using Discover Network, PayPal, and American Express, types. The Payment Services provided, transactions processed and other matters contemplated under this Section 69 are subject to the rest of this Agreement, as applicable, except to the extent the terms of this Section 69 directly conflict with another provision of this Agreement, in which case the terms of this Section 69 will control; provided, however, that (i) Bank is not a party to this Agreement insofar as it relates to Non-Bank Card services, and Bank is not liable to you in any way with respect to such Payment Services and (ii) you agree to pay Banktech any per item processing, authorization and other fees described in the Application for any non-acquired transaction services you receive from Banktech. For the purposes of this section, the words “we,” “our” and “us” refer only to the Banktech and not to the Bank. You authorize us to share information from your Application with American Express, Discover Network, PayPal and any other Non-Bank Card Organization.
69.2 If you accept American Express, you understand that if, based upon your anticipated Card transaction volume you do not qualify for our full service program but have otherwise been approved for accepting American Express transactions, your authorizations will be obtained from and funded by American Express. American Express will provide you with its own agreement that governs those transactions. You understand and agree that we are not responsible and assume absolutely no liability with regard to any such transactions, including but not limited to the funding and settlement of American Express transactions, and that American Express will charge additional fees for the services they provide.
69.3 If you accept Discover but do not qualify for our Discover full service program, Discover will provide you with its own agreement that governs those transactions. You understand and agree that we are not responsible and assume absolutely no liability with regard to any such transactions, including but not limited to the authorization, funding, and settlement of Discover transactions, and that Discover may charge additional fees for the services they provide.
69.4 If you accept PayPal Cards you understand that the following requirements apply to PayPal Card transactions in addition to the information required in this Agreement:
- Only in-store, Card present transactions are eligible for processing under this Agreement. Card not present/online, cash over, cash advance, quasi cash transactions, international transactions or manually entered transactions are not eligible for processing. You must contact us or PayPal for information related to services that are not covered in this Agreement.
- You will provide us with information about the Card transactions you conduct; including, data related to your Authorization requests, Card transactions, and transaction dispute responses.
- You will provide us with aggregate and individual information about the Card transactions you accept; including, the number, type and kind of transactions you conduct, your disputes, your business operations, your merchant category code information, and any other information you are required to provide under this Agreement.
- You will not use, store, retain or otherwise disclose any of PayPal’s confidential information, Cardholder data, magnetic stripe track data, or PayPal Card transaction data (other than as necessary to complete a transaction).
- You will not use PayPal Cardholder’s personal information for marketing and/or other purposes without explicit consent from the Cardholder.
- If you accept JCB, Diners Club International, UnionPay, BCcard, and Dinacard, you agree to be bound by the Discover Network provisions of this Agreement. You also acknowledge and agree that JCB, Diners Club International, UnionPay, BCcard, and Dinacard transactions will be processed under and subject to Discover Network Card Organization Rules.
- If you accept JCB, Diners Club International, UnionPay, BCcard, and Dinacard, you agree to be bound by the Discover Network provisions of this Agreement. You also acknowledge and agree that JCB, Diners Club International, UnionPay, BCcard, and Dinacard transactions will be processed under and subject to Discover Network Card Organization Rules.
- Special Provisions Regarding Debit Cards
The special provisions outlined in this Section 70 apply only to those Debit Card transactions that are processed by a Cardholder entering a PIN unless the transaction is a network supported PINless transaction. A PINless transaction is a Debit card transaction that a merchant submits to us for settlement/funding transactions with neither a PIN nor Signature. The Services provided, transactions processed, and other matters contemplated under this Section 70 are subject to the rest of this Agreement, as applicable, except to the extent the terms of this Section 70 directly conflict with another provision of this Agreement, in which case the terms of this Section 70 will control.
70.1 Debit Card Acceptance. Most, but not all, ATM Cards (Debit Cards) can be accepted at the point of sale at participating locations. Examine the back of the Debit Card to determine if the Card participates in a PIN Debit network that you are authorized to accept. PIN Debit network Mark(s) are usually printed on the back of the Card. If the Debit Card is valid and issued by a financial institution Issuer participating in a PIN Debit network, you must comply with the following general requirements for all participating PIN Debit networks, in addition to the specific requirements of that PIN Debit network:
- You must honor all valid Debit Cards when presented that bear authorized PIN Debit network Marks.
- You must treat transactions by Cardholders from all Issuers in the same manner.
- You may not establish a minimum or maximum transaction amount for Debit Card acceptance.
- You may not require additional information, besides the PIN, for the completion of the transaction unless the circumstances appear suspicious. A signature is not required for Debit Card transactions.
- You shall not disclose transaction related information to any party other than your agent, a PIN Debit network, or Issuer and then only for the purpose of settlement or error resolution.
70.2 Transaction Processing. The following general requirements apply to all Debit Card transactions:
- All Debit Card transactions must be authorized and processed electronically. There is no Voice Authorization or Imprinter procedure for Debit Card transactions.
- You may not complete a Debit Card transaction that has not been authorized. If you cannot obtain an Authorization at the time of sale, you should request another form of payment from the Cardholder or process the transaction as a Store and Forward or Resubmission, in which case you assume the risk that the transaction fails to authorize or otherwise declines. The Cardholder should be instructed to contact the Issuer to find out why a transaction has been declined.
- The Debit network used to process your debit transaction will depend upon, among other things, our own business considerations, the availability of the Debit network at the time of the transaction and whether a particular Debit Card is enabled for a particular Debit network. The Debit network used to route your transaction may or may not be the lowest cost network available. We may, in our sole discretion (i) use any Debit network available to us for a given transaction (including any of our affiliated PIN Debit networks) and (ii) add and/or remove Debit networks available to you based on a variety of factors including availability, features, functionality and our own business considerations.
- You must issue a receipt to the Cardholder upon successful completion of a transaction and effect PAN Truncation on it.
- You may not manually enter the account number for PIN Debit transactions. Signature Debit transaction may be key entered if you are unable to swipe the Card. The account number must be read electronically from the Magnetic Stripe /chip for transactions authenticated with a PIN. If the Magnetic Stripe/chip is unreadable, you must request another form of payment from the Cardholder. Do obtain a signature if PIN authentication is not supported or available.
- Any applicable tax must be included in the total transaction amount for which Authorization is requested. Tax may not be collected separately in cash.
- YOU ARE RESPONSIBLE FOR SECURING YOUR POS DEVICES AND FOR IMPLEMENTING APPROPRIATE CONTROLS TO PREVENT EMPLOYEES OR OTHERS FROM SUBMITTING CREDITS AND VOIDS THAT DO NOT REFLECT BONA FIDE RETURNS OR REIMBURSEMENTS OF PRIOR TRANSACTIONS.
70.3 Cash Back from Purchase. You may offer cash back to your customers when they make a PIN Debit Card purchase. You may set a minimum and maximum amount of cash back that you will allow. If you are not currently offering this service, your POS device may require additional programming to begin offering cash back as long as it is supported by the Debit Network.
70.4 Settlement. You must reconcile your accounts for each location daily and notify us within 24 hours of any issues.
70.5 Adjustments. An adjustment is a transaction that is initiated to correct a Debit Card transaction that has been processed in error. For signature debit transactions (including “no signature” signature debit transactions), both the Cardholder and the card issuing bank have the right to question or dispute a transaction. If these questions or disputes are not resolved, a chargeback may occur. You are responsible for all adjustment and Chargeback fees that may be charged by a Debit network. There are several reasons for adjustments being initiated:
- The Cardholder was charged an incorrect amount, whether too little or too much.
- The Cardholder was charged more than once for the same transaction.
- A processing error may have occurred that caused the Cardholder to be charged even though the transaction did not complete normally at the point of sale.
- A Cardholder is disputing the goods or services provided.
70.6 All parties involved in processing adjustments and Chargebacks are regulated by time frames that are specified in the operating rules of the applicable Debit network, The Electronic Funds Transfer Act, Regulation E, and other applicable law.