Most organizations concerned with payment compliance are focused on the PCI Data Security Standard (DSS), but PCI is only part of the story. Every card brand and payment association has their own operating rules and regulations that also need to be followed. Many of these rules and regulations fly below the radar of most people and organizations. However, sometimes these rule changes have far reaching impacts.
These rule changes most commonly impact card Issuers, Acquirers, and Processors. These organizations need to understand, evaluate, and implement new requirements. In many cases, the changes are nearly transparent to merchants and cardholders. This article looks at a few recent of the requirements that will impact merchants and cardholders.
Visa is introducing a number of changes starting this October that will affect all merchants that take mail order and telephone (MOTO) transactions. This currently affects Canadian merchants but will also expand to other markets. Specifically, the rule changes when you need to include (or not include) the CVV2 security codes when processing transactions. Failure to follow the new rules may result in declined transactions.
For many merchants this will mean changes inside call centers and mail order operations. For example:
If you are looking for more information on any of these additional requirements, we've provided some links for further reading below.
We recommend that you reach out to your acquirer or assessor for assistance in understanding how this regulation will affect you. Or you can give us a call, we’d be happy to help.