educational

The Master Keys to the New Mastercard Rules

The Master Keys to the New Mastercard Rules

UPDATE: Since the time of writing this column, Segpay heard from Mastercard, who wanted to clarify a few issues related to the rules beginning on October 15, 2021 that were highlighted in the column below. When it comes to consent, the merchant has to verify the uploader and the uploader has to gather consent from the participants. Live stream video needs to have tools or a team in place to moderate and review content. All content uploaded from October 15, 2021 going forward needs to be verified. Anything before that date can be verified, but is not required to be.

It’s been a hot topic this year and now we’re just over a month away from the new Mastercard regulations taking effect. The official date when enforcement begins is October 15, 2021, but many of you have likely felt the impact of the new regulations already. Banks started to implement new policies and requirements well before the enforcement start date to ensure compliance.

These new guidelines will impact all merchants in the high-risk industry and heavily focus on merchants and platforms that support user-generated content.

These new guidelines will impact all merchants in the high-risk industry and heavily focus on merchants and platforms that support user-generated content. This month, we break down the three keys to understanding Mastercard’s latest user-generated content regulations.

THE MASTER PLAN

As a refresher, these new guidelines impact all merchants in our industry and are specifically focused on premium social media sites, tube sites, cam sites and voyeur programs. They include:

  • Entering into a written agreement with any individual that is contributing content to the website. This includes the individual’s consent, their identity and age.
  • All persons depicted in the content must give consent for the content to be distributed and downloaded.
  • Age and identity of all persons depicted is required.
  • Only verified users can be permitted to upload content.
  • All content must be reviewed prior to publication or in real-time if it’s live-streamed, and no content can violate the Card Brand Business or Risk Assessment and Mitigation (BRAM) policies.
  • Make sure content moderation policies and internal policies outlining age verification are in place.

All merchants must adhere to the following:

  • Websites must have a complaint process or take-down link for individuals to request content to be removed or notification of violating content.
  • You must provide monthly reports to the acquirer or payment facilitator of flagged content and share what was taken down.
  • No search terms or marketing partners can give the illusion that the content they are marketing will contain child exploitation materials or depictions of non-consensual activity.
  • Have policies in place to make sure that the website cannot be used for human trafficking.

RULE RETROSPECTIVE

Questions have been circulating about user-uploaded content for months; many are wondering about what happens to content that was uploaded or produced before the October 15 enforcement date. The answer is that all content, whether produced before or after October 15, must conform to the new guidelines.

So, if you do not have a written agreement from the user, nor have you validated the ID of the performer appearing in the content prior to October 15, 2021, you must reach out and gather their consent and validate their ID.

RISKY BUSINESS

Where things are getting a little tricky, is that the new guidelines released in April are still the guidelines our acquirers are putting policies in place to manage. The problem is that each acquirer has its own interpretation of how those policies should be implemented. So, if you work with multiple banks or multiple payment facilitators, we are all interpreting the guidelines and putting in place requirements for merchants to manage.

For example, at Segpay we work with seven different acquirers that span the U.S. and Europe and each of our partners requires that we comply in a different way. Compliance usually comes in the form of a questionnaire outlining the new requirements, which we will need to send to each of our merchants to complete and confirm their compliance with a signature. Many of these acquirers are asking for supporting merchant policies for age verification, content moderation and human trafficking. In addition, we will be rolling out a form for each of our merchants to report its take-down requests and how they were handled monthly. That’s because our goal is to simplify the process by consolidating all of our acquirers’ interpretations of the rules into a single questionnaire.

With one month left, the implementation of the new regulations is still a bit of a work in progress. As we all work to get into compliance, I am sure there will be some give-and-take with Mastercard and our acquirers to help smooth out the process and answer the unknowns.

Of course, just when we think we have understood and achieved Mastercard’s compliance requirements, we have new Visa regulations coming out regarding user-generated content, also expected in October! The good news is that we have faced numerous new regulations over the years, and we have always managed to understand them and comply, with a team in place to stay on top of navigating this ever-changing world.

To read the new Mastercard regulations in full, be sure to visit the following link: https://tinyurl.com/segpay

Cathy Beardsley is president and CEO of Segpay, a global leader in merchant services offering a wide range of custom financial solutions including payment facilitator, direct merchant accounts and secure gateway services. Under her direction, Segpay has become one of four companies approved by Visa to operate as a high-risk internet payment services provider. Segpay offers secure turnkey solutions to accept online payments, with a guarantee that funds are always safe and protected with its proprietary Fraud Mitigation System and customer service and support. For any questions or help, contact sales@segpay.com or compliance@segpay.com.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

Best Practices for Payment Gateway Security

Securing digital payment transactions is critical for all businesses, but especially those in high-risk industries. Payment gateways are a core component of the digital payment ecosystem, and therefore must follow best practices to keep customer data safe.

Jonathan Corona ·
opinion

Ready for New Visa Acquirer Changes?

Next spring, Visa will roll out the U.S. version of its new Visa Acquirer Monitoring Program (VAMP), which goes into effect April 1, 2025. This follows Visa Europe, which rolled out VAMP back in June. VAMP charts a new path for acquirers to manage fraud and chargeback ratios.

Cathy Beardsley ·
opinion

How to Halt Hackers as Fraud Attacks Rise

For hackers, it’s often a game of trial and error. Bad actors will perform enumeration and account testing, repeating the same test on a system to look for vulnerabilities — and if you are not equipped with the proper tools, your merchant account could be the next target.

Cathy Beardsley ·
profile

VerifyMy Seeks to Provide Frictionless Online Safety, Compliance Solutions

Before founding VerifyMy, Ryan Shaw was simply looking for an age verification solution for his previous business. The ones he found, however, were too expensive, too difficult to integrate with, or failed to take into account the needs of either the businesses implementing them or the end users who would be required to interact with them.

Alejandro Freixes ·
opinion

How Adult Website Operators Can Cash in on the 'Interchange' Class Action

The Payment Card Interchange Fee Settlement resulted from a landmark antitrust lawsuit involving Visa, Mastercard and several major banks. The case centered around the interchange fees charged to merchants for processing credit and debit card transactions. These fees are set by card networks and are paid by merchants to the banks that issue the cards.

Jonathan Corona ·
opinion

It's Time to Rock the Vote and Make Your Voice Heard

When I worked to defeat California’s Proposition 60 in 2016, our opposition campaign was outspent nearly 10 to 1. Nevertheless, our community came together and garnered enough support and awareness to defeat that harmful, misguided piece of proposed legislation — by more than a million votes.

Siouxsie Q ·
opinion

Staying Compliant to Avoid the Takedown Shakedown

Dealing with complaints is an everyday part of doing business — and a crucial one, since not dealing with them properly can haunt your business in multiple ways. Card brand regulations require every merchant doing business online to have in place a complaint process for reporting content that may be illegal or that violates the card brand rules.

Cathy Beardsley ·
profile

WIA Profile: Patricia Ucros

Born in Bogota, Colombia, Ucros graduated from college with a degree in education. She spent three years teaching third grade, which she enjoyed a lot, before heeding her father’s advice and moving to South Florida.

Women In Adult ·
opinion

Creating Payment Redundancies to Maximize Payout Uptime

During the global CrowdStrike outage that took place toward the end of July, a flawed software update brought air travel and electronic commerce to a grinding halt worldwide. This dramatically underscores the importance of having a backup plan in place for critical infrastructure.

Jonathan Corona ·
opinion

The Need for Minimal Friction in Age Verification Technology

In the adult sector, robust age assurance, comprised of age verification and age estimation methods, is critical to ensuring legal compliance with ever-evolving regulations, safeguarding minors from inappropriate content and protecting the privacy of adults wishing to view adult content.

Gavin Worrall ·
Show More