It’s time to brush aside the holiday hangover and put the new year into perspective. Since 2020 has been named the year of “perfect vision,” what better time to focus in on what’s headed our way? Card brand and regulatory changes are on the horizon and we need to be ready. So as we charge into the new year, we wanted to bring clarity to these changes, breaking down the top three areas to keep your eyes on.
Trials
If you offer a trial of any kind, you’ll want to pay attention to this. Visa is following the lead of MasterCard, which recently rolled out updates for merchants offering free trials on products. Visa is taking it one step further with its new rules applying to both physical, and digital goods and services. Starting April 18 in 2020, Visa will require merchants offering free trials or introductory promotions to make some changes that will impact acceptance, disclosure and dispute policies. The simple way to look at it is, if the ongoing subscription/recurring agreement is different than the price/period the customer signed up for initially, there will be some changes:
- The cardholder must give consent to entering a subscription (existing rule).
- The email notification must include some specific disclosures such as the subscription agreement, the start date, details of the goods and services, ongoing transaction amount and billing frequency, and a simple method to cancel online (very little will change here for most merchants).
- The descriptor for the first financial transaction will now have to include the word “trial.”
- If a free trial or introductory promotion is over seven days in length, the consumer must be notified seven days before the next transaction is initiated — they must also be provided with an easy method to cancel online.
Visa says the new policies will enable greater customer recognition, making it easier to cancel and offer clearer dispute rights.
Chargebacks
As we all know, a chargeback is when a consumer asks to have their credit card provider refund a payment. It’s a headache, especially if it stems from an actual fraudulent transaction. Starting on April 1, 2020 MasterCard will conduct chargeback and fraud updates. The non-compliance threshold for entry to the Excessive Chargeback Merchant (ECM) program has not changed. It remains at 100 chargebacks and 1.5 percent of the prior month’s sales. MasterCard has simplified things a bit on the back-end; to exit the program you need to be compliant for three consecutive months, and you don’t need an accountant to calculate any non-compliance assessments. MasterCard has also updated its fraud program and created a second category for large chargeback merchants, but most merchants won’t ever hear about them unless they have over $50,000 in fraud or 300 chargebacks in a month.
Regulations
The new year kicks off with a new regulation for anyone doing business in California. On Jan. 1, 2020, the California Consumer Privacy Act (CCPA) goes into effect. It is similar to the EU’s General Data Protection Regulation (GDPR) that launched in 2018 giving consumers more control over their personal data. CCPA applies to companies that either have $25 million or more in annual revenues, have data from more than 50,000 households (or devices) or 50 percent of their annual revenue comes from selling consumers’ personal information. It’s a win for California consumers who will gain the right to know several things about how their information is being used like:
- What personal data is being collected about them
- Whether their personal data is sold or disclosed and to whom
- The ability to say no to the sale of personal data
- Have access to their personal data
- Request a business to delete any personal information collected about them
- Be protected against discrimination for exercising their privacy rights
Any companies failing to comply or having a breach of data will be subjected to fines. Segpay and its legal team have been working on this for some time and welcome the added security to consumer privacy rights.
The drama continues as the U.K. tries to negotiate both with the EU and Parliament to leave the European Union. Currently, there is an extension until Jan. 31, 2020, but as we’ve seen before, these dates continue to change. Should there be a hard Brexit after Jan. 31, U.K. acquirers/PSPs will only be able to work with U.K. merchants. To take on EU merchants, acquirers and PSPs will need to be registered and licensed in an EU country to continue to work with merchants located in the EU. We opened an office in Ireland to prepare for this, offering a smooth transition for our merchants when this happens, although no one can be sure when that will be.
You may remember Europe’s Payment Services Directive (PSD2) was scheduled to go live on Sept. 14, 2019. The regulation is built around the concept of “open banking,” where compliant businesses can access consumer bank accounts, either to process payments directly or offer other services providing more options for consumers. Under PSD2, transactions where both the acquiring and issuing banks are based in the Europe Economic Area must meet the requirements for Strong Customer Authentication (SCA). To comply with that requirement, we recently launched a 3-D Secure (3DS) 2.0 service that includes all the enhanced security features necessary to meet these SCA requirements and beyond. In the final hours before the regulation was to go into effect in September, regulators agreed to not enforce the regulation until December 2020. We’ll need to keep a close eye on EU member states as they start to enforce this requirement throughout the year.
Cathy Beardsley is president and CEO of Segpay, a global leader in merchant services offering a wide range of custom financial solutions including payment facilitator, direct merchant accounts and secure gateway services. Under her direction, Segpay has become one of four companies approved by Visa to operate as a high-risk internet payment services provider. Segpay offers secure turnkey solutions to accept online payments, with a guarantee that funds are always safe and protected with its proprietary Fraud Mitigation System and customer service and support. For any questions or help, contact sales@segpay.com or compliance@segpay.com.
