Visa’s New Stored Credentials Program: What Online Merchants Must Know

The appeal of shopping online is its ease: Customers can point, click and buy from the comfort of their homes. And as e-commerce grows in popularity, merchants want ways to make online transactions even easier. Storing credentials, which allows for faster checkouts and a seamless, more secure purchasing process, has helped do just that.

Stored credentials are simply data — like credit card numbers — that a merchant uses to facilitate the processing of two kinds of future transactions:

• Cardholder-initiated transactions. The cardholder initiates a transaction, either online or in a brick-and-mortar store and requests that payment information be stored to simplify future purchases.

• Merchant-initiated transactions. For subscription-based services, recurring billing agreements and other similar transactions, the cardholder gives consent for the merchant to store payment credentials for future use.

As e-commerce sites increasingly use stored credentials, processing networks have developed new ways to improve transactional security and customer convenience. In October 2016, Visa updated its requirements that covered transactions under the new stored credential transaction category. And on October14, 2017, Visa implemented new requirements for how merchants store and process these cardholder credentials.

5 New Credential Storage Requirements

Merchants that opt to store customer credentials to process either transaction type must:

1. Obtain cardholder consent for stored credentials that were initiated after October 14, 2017.
2. Communicate to customers how credentials data will be used.
3. Update policies and workflows to include refund policies, recurring charges, surcharges and contact information for customers.
4. Notify cardholders of changes to the terms of use.
5. Use the appropriate data values in either the payment transaction or the account verification authorization to identify both the initial storage and usage of stored payment credentials.

To comply with the new standards, merchants may need to revise their e-commerce checkout pages and terms and conditions to more accurately explain their process for storing the customer’s credentials. They should also add a box on checkout pages to let customers consent to these terms and ensure they provide contact information for customers who have questions about data storage and its policies.

How the Stored Credentials Program Affects Merchants

Because each stored credential transaction is now recognized distinctly, it receives different treatment throughout the authorization approval process and can offer merchants benefits like:

• An increase in authorized transactions and completed sales
• A reduction in chargebacks and customer friction at checkout
• A greater visibility of transaction risk levels for issuers

For merchants meeting the requirements of the Visa Stored Credentials Program, it not only helps improve transaction processing for merchants and customers, but it’s also an important step toward minimizing fraud and chargebacks.

Selecting the right fraud protection solution for your e-commerce business is another critical step in protecting your business. Contact a ClearSale fraud analyst today to learn how implementing our multilayered approach can help you minimize friendly fraud while increasing approval rates and customer satisfaction.