baycouples

Do you guys do your own rebills, or have your gateway solution provider ( like VeriSign ) do it for you?

I have a 50% rate of failure of my rebills as I have VeriSign do it for me and I was told it should be no more than 10%

Is this a right decision for me to start doing my own rebills?

datatank

Talk to http://netbilling.com

ASAP sounds like your Gateway is doing something very wrong

Validus

How can you do your own rebills without saving the CVV code?!

Netbilling is a great solution/company. They have been around for ages and are always around when you need them.

If you have a higher volume, lets say 40K+ per month, I'd be able to hook you up as well. [email protected].

Steen2

You can hook people up with merchant accounts and talk about saving CVV codes?! That's concerning.

__________________
ICQ: 2262.73945

Validus

Sorry, I did not understand your reply.

CVV codes should not be saved. For this reason most acquirers offer a ?rebill? option. With this option, the acquirer takes care of the rebills.

baycouples

Yes. I can get all that info from my gateway provider and start billing customers on my own. You know?

baycouples

Why not?

Validus

MasterCard / Visa regulations.

Storage of Account, Cardholder, and Transaction Data

A merchant and any DSE must not store in any system or in any manner,
discretionary card-read data, CVC 2 data, PIN data, Address Verification Service (AVS) data, or any other prohibited information as set forth in the MasterCard Standards including, but not limited to, sections 2.5.5.1.1 and 2.8.2.1 of the Security Rules and Procedures manual, except during the authorization process for a transaction, that is, from the time an Authorization Request message is transmitted and up to the time the Authorization Request Response message is received. MasterCard permits storage of only the card account number, expiration date, cardholder name, and service code, in a secure environment to which access is limited, and then only to the extent that this data is required for bona fide purposes and only for the length of time that the data is required for such purposes.

Be careful about jumping into something... All these regulations, are just one reason why payment processing is such a tough business.

butterflybucks

I have merchant account only for tangible products.

__________________
100% Real Thai Girls - Tiniest Pornstar in the world Thainee.com & Dream Teen Tussinee.com Asian Teens, Asian EMO, Asian G/Fs THAI GIRLS WILD

Validus

In any case. Mitch from Netbilling would be my suggestion. He is a pro.

Also, check out Paycom. Rand is a great guy always looking to help people; also a pro.


Just be sure to inform yourself about those regulations. It doesn?t matter what type of products you are processing. As far as I am aware, you are not allowed to store the CVC code yourself. Then again, I am no expert. It is just that I heave read or heard.

justsexxx

50% failure with rebills? That is insane! Around 9-11% here

__________________
Questions?

ICQ: 125184542

Calvinguy

If the bank says no there is nothing you can do.... gateway or manual. Doesn't matter.

Calvinguy

CVC must not be stored in any case. CVC is not required to charge a card but a damn good thing to check for the initial charge as part of the fraud screening.

Validus

CVC is not required anymore to charge a card? That is something new to me. Where did you get that information from?

sperbonzo

That is correct. CVV is quite often used for initial authorization in order to pass a gateways fraud screening, but is not mandated for all transactions, and is not used for rebills. The processing gateway is not allowed to store the CVV any more than the merchant is. It is actually up to the acquring bank as to whether or not the CVV is required for all transactions or not.

For example, when you use your card at a gas pump, or ATM, the CVV is not required. It varies from bank to bank, MCC to MCC, and transaction type to transaction type.

__________________
Michael Sperber / Acella Financial LLC/ Online Payment Processing

[email protected] / http://Acellafinancial.com/

ICQ 177961090 / Tel +1 909 NET BILL / Skype msperber

Validus

Oh, interesting. Ah well, I must have read the regulations wrong then. This is what it says:

An acquirer?s fraud loss control program must meet the following minimum
requirements, and preferably will include the recommended additional
parameters. The program must automatically generate daily fraud monitoring
reports or real-time alerts. Acquirer staff trained to identify potential fraud
must analyze the data in these reports within 24 hours.

To comply with the fraud loss control Standards, acquirers also must transmit
complete and unaltered data in all card-read authorization request messages,
and also CVC 2 for all Card Not Present (formerly MO/TO), voice, and
e-commerce transactions.

Additionally, acquirers with high fraud levels must:

? Install ?read and display? terminals in areas determined to be at high risk
for fraud or counterfeit activity, or
? Install EMV chip terminals

sperbonzo

No, you aren't reading it wrongly, (and notice that it applies specifically to card-not-present/MOTO transactions), however, in different areas of the VISA regulations (which are the size of a full set uf encyclopedia) there are detailed exceptions and conditions. Also associated member banks (banks, not processors) can negotiate certain conditions with VISA to allow for exceptions. Also protocols and procedures vary in each of the six VISA regions.

__________________
Michael Sperber / Acella Financial LLC/ Online Payment Processing

[email protected] / http://Acellafinancial.com/

ICQ 177961090 / Tel +1 909 NET BILL / Skype msperber

trashymedia

I am surprised that Versign is doing adult, as many of the big companies pulled out around when Card Services dropped all of us. We have two tangible account through Net Billing and love the service. Their fees may be even cheaper as we had a friend that used Verisign, and if I recall correctly, his setup fees were outrageous...
Jeff

__________________
Trashy Bucks pays you 60% recurring for life on subscription sales or 25.00 per join, 30% for every DVD sold and 5% for webmaster referrals! Got interracial, cumshot, fetish, foot worship, video on demand or amateur niche traffic?


ICQ 172067634

NETbilling

Hi,

Storing CVV2 #s is strictly against card association rules and could result in huge fines leading to hundreds of thousands of dollars. If you are seeing a 50% decline rate in rebills there is certainly a problem with eith initial trasnactions or the scrubbing itself. What is the highest reason for the declines that you are seeing?

Mitch

p.s. Thank you for the kind words everyone.

__________________


Mitch Farber
CEO - NETbilling, Inc.
Email / Phone: 888-357-8166 / 661-252-2456
Transaction processing & 24/7 call center services with exceptional rates and flexibility, since 1998!

sfera

mvc sounds like a good option

baycouples

OK! OK! I got it! Can't store the CVV/CVC code. But here's how I'll do it:

Check for CVV/CVC code at the first upgrade and only allow the upgrade if that's correct. Then I'll store all of the information EXCEPT for the CVV/CVC code and rebill customers without using it in the future.

Is that a good plan?

NETbilling

You are not storing credit card #s are you?

Mitch

__________________


Mitch Farber
CEO - NETbilling, Inc.
Email / Phone: 888-357-8166 / 661-252-2456
Transaction processing & 24/7 call center services with exceptional rates and flexibility, since 1998!

baycouples

Not right now, but I will start to. Why?

Fetish

We have used Netbilling for years. Nobody else comes close to them as far as service and support. Verisign sucks (we used them previously).

baycouples

What are the good points about the Netbilling and what are the negative points about VeriSign?

venus

I have a merchant account with humboldt bank and use netbillings secure gateway and call center, they are awsome.

50% sounds way high...talk to mitch at netbilling.com

__________________
Muscle/Fitness Adult Affiliate Program
Since 1997 www.venuscash.com

venus

Don't do that, your gonna get squigged by visa/MC ... you will also need to get your computer audited by security metrics ( http://www.securitymetrics.com/ ) or similar company before you do something like that.

__________________
Muscle/Fitness Adult Affiliate Program
Since 1997 www.venuscash.com

venus

first all, dont do anything stupid... stop what your doing, your about to get yourself seriously screwed!
get with netbilling and you will not have any problems, you wont go to jail or get any multi million dollar fines.
I read what you are thinking of doing.. dont do it..your gonna get fucked by bubba

__________________
Muscle/Fitness Adult Affiliate Program
Since 1997 www.venuscash.com

Validus

Talk with Mitch... LOL

baycouples

I do Securty Metrics scan every quater. So, I'm fine. But why would I get hassled by Visa/MC for doing my own rebills?

baycouples

OK! OK! But none of you told me what's so good ( in particular ) about the NetBilling and what is so bad about VeriSign. I'm ready to be sold, but someone has to say something reasonable.

Validus

I am not sure a bout VeriSign, what I do know is that Mitch (Netbilling) has been in business for a long time. In my opinion they are specialists when it comes to high-risk payment processing and professional in how they handle business. If you ever have a question, Mitch is there to help; ask anybody here.

Payment processing is very complex with many rules and regulations. Mitch will make sure you don?t get yourself into trouble by accidentally doing something wrong (e.g.: CVC, Security?)

I am also pretty sure (97%) that VeriSign does not process high-risk merchants.

Just send Mitch an e-mail! Discussing your payment processing habits/needs on a public board isn?t really ideal.

NETbilling

Venus - thanks for the very kind words. We really do apprecite it and it is a pleasure serving you.


Alex - Nice conversation we had on ICQ. I look forward to having you as a merchant. Let me know if you need anything.

Mitch

__________________


Mitch Farber
CEO - NETbilling, Inc.
Email / Phone: 888-357-8166 / 661-252-2456
Transaction processing & 24/7 call center services with exceptional rates and flexibility, since 1998!

Wiseman

Hey Venus hit me up i want to talk to you about some shit

__________________
[*]E-mail: [email protected][*]ICQ: 109726012[*]AIM: QbWiseman

venus

sounds like you got with netbilling already, but doing your own rebills is not a problem, storing credit card info on your computer is.
the quarterly thing does not apply when you start storing numbers, you have to have the onsite audit, your also asking for allot of possible trouble.
the best method, and safest, is to use a good company so your rebills work correctly and your not resorting to off the wall stuff like storing cc numbers on a personal computer. If I found out someone was storing my credit card number on their personal computer I would do what ever it took to put a stop to it as I am sure most people would.

__________________
Muscle/Fitness Adult Affiliate Program
Since 1997 www.venuscash.com

baycouples

I did chat with Netbilling and my programmer is evaluating what would be better: (1) to do my own rebills with VeriSign, (2) Signup with Netbilling and have them handle it all.

Though I'm still waiting for someone to tell me what are the great or bad things about what over the other?

Validus

Did you read what I wrote? Your re-bills don?t really matter in your decision making. In any case, Netbilling is a professional company that has been around for a very long time and has always delivered the promised.

If you run high-risk transactions through VeriSign? I?d be surprised if they are happy about it.

Validus

okay that was bad english, but... I hope I made sense.

Zprogramz

Use Netbilling whetheryou run your own rebills or not. You will make more money with them, plain and simple. Have you seen their system?

Agnosticism

Ever bought something where your cc wasn't process in real-time? Chances are your information was stored to be process through their daily batch processing. Also a lot of third party shopping carts, well store your information too. People might argue about encryption but if AOLs database can be decrypted which has happen in the past I am sure a mere third party shopping cart could be decrypted with ease. Also if information is stored on your webserver it might as well be stored on your personal computer. Stuff gets infected, sniffed and BAM their goes the data. Kind of scary of the information I seen being passed by a lot of companies you thought were reputable.

Zprogramz

Who does not process in real time anymore?

Z

Validus

Actually, most do a pre-authorization on a transaction/credit card and then to a capture later on. Kind of like a hotel. With the pre-authorize they check if the card is present and if the funds are available, if they are, a hold is put on those funds. After X hours they capture the pre-authorization... finalize the transaction.

Since most Banks do require the CVC code (I did learn that some don't require you to send it as well) actually doing a "batch list" could cause some problems with regs.

Calvinguy

The gateway I use do a realtime authorization but do the captures once a day.

Kimmykim

Visa and MC have very clear guidelines on what is allowed and what is not, and your gateway, acquiring bank or ISO should inform you as to what your responsibilities and liabilities are to be compliant within these guidelines. There is no rule that says that you cannot store your own credit card numbers as a merchant, HOWEVER, there are plenty of rules pertaining to exactly how you must store, maintain and protect this data if you choose to do it yourself.

In many cases, probably close to all of them, it's much wiser to have your gateway store the data for you, since they are (I am assuming) compliant with the regulations and with the PCI security standards required.

Whether someone settles in real time, batch settles periodically throughout the day or settles once daily (just like a POS terminal does), is of little consequence to the transfer of funds from one bank to another.

What is important is how the data is secured, what data is stored, and the circumstances around which both happen.

An IPSP, even one that doesn't do gateway processing for outside clients, will store their own data normally, since they've passed all the security and compliance requirements, while a merchant account holder may choose between the options offered by their gateway provider.

I have no idea how Verisign is set up, but it does seem odd to me that if they are doing the gateway in this instance, that they have not informed a client as to how their process works, and what options are available to the client. If Verisign is not aware that they are processing 5967 transactions for you, then it is because of either very poor due diligence on their part, or perhaps a failure to inform them of your true business model on your part. Once again, I don't have any idea which could be the case, and I'm not going to speculate. You should be aware that if you've misrepresented your business to Verisign, it's possible that you could lose the ability to process transactions entirely and you would lose your rebill database in that instance as well.

I also agree with Mitch (who runs a very nice business) that a 50% decline in rebills is a problem. I can't think of any reason why that should happen, but if you are seeing it, before you decide to run your own rebills, you should investigate the cause of the problem and correct it. Bad scrubbing on the initial transaction could be a factor, your consumer base could be another factor. Without any idea of your conversion ratio, your credits or chargebacks, it's hard to say for sure what is causing the problem.

You're not going to go to jail or pay multi-million dollar fines with a merchant account unless you are doing something illegal or you deliberately abuse the card association regulations with some very high volume. That kind of scare talk is nothing more than scare talk.

Depending on your account volume, you should have options. Talk to Mitch or shoot me an icq if you want to discuss specific things that may be occurring. I'd be happy to talk to you about it if you like.

I'd suggest getting sorted out and into compliance as quickly as you can.

NETbilling

Excellent posting and completely factual as always Kimmy. Looking forward to seeing you in Phoenix.

Mitch

__________________


Mitch Farber
CEO - NETbilling, Inc.
Email / Phone: 888-357-8166 / 661-252-2456
Transaction processing & 24/7 call center services with exceptional rates and flexibility, since 1998!