opinion

Maintaining Payment Processing Compliance When the Goalpost Keeps Moving

Maintaining Payment Processing Compliance When the Goalpost Keeps Moving

VIRP is the new four-letter word everyone loves to hate. The Visa Integrity Risk Program went into effect last year, and affects several business types — including MCC 5967, which covers adult and anything else with nudity, and MCC 7273, dating services that don’t allow nudity. There are nearly a dozen other MCCs on the list, but for the purposes of this article, we’ll stick to those two.

The biggest obstacle affected businesses are encountering is that the VIRP guidelines are not public; they’re confidential. You read that right. You have to play the game by secret rules, and if you don’t, the “noncompliance assessments” — don’t call them “fines” — start at $25,000.

Many processors and banks have significantly reduced the thresholds for disputes-to-sales ratios and decline-to-sales ratios they will tolerate.

For guidance, businesses must therefore rely largely on payment processors and their sponsor banks, which do have access to the rules. In this article, I will attempt to demystify a few key points that every adult and dating site should be covering to be compliant.

Model Identity, Age Verification and Consent

Adult businesses should require all models and performers to submit a consent form, a 2257 release, and a valid photo ID verified through a third party before making their content available for purchase.

Handling Complaints

A link to file a complaint should be on the footer of your site or outside the paywall, so anyone can access it. Complaints should be addressed within seven days. Complaints of a more severe nature — something potentially illegal, for example — should be addressed immediately. Flagged content should be removed and reviewed. If the complaint is unfounded, the content can be restored, but the complaint itself should be logged in the transparency report.

Transparency Reports

Every month, you should submit a report to your payment service provider that includes takedown requests, complaints received, law enforcement interactions, legal requests and, if applicable, member/model bans.

These are just a few items to consider. This is by no means a complete and comprehensive list. Additionally, different processors may have slightly different interpretations of the rules.

Dispute and Fraud Ratios

Another aspect of payment processing that has come under scrutiny with the enforcement of VIRP is dispute and fraud ratios. Many processors and banks have significantly reduced the thresholds for disputes-to-sales ratios and decline-to-sales ratios they will tolerate.

Several tools are available to help keep these ratios in check, and keep your merchant accounts off the radar of card brands, banks and processors. For instance, dispute resolution services automatically issue a refund, which helps keep your chargeback ratios down and requires no human intervention.

Utilize Your Toolkit

Another way to help keep your fraud and declines under control is by using tools that are included with your merchant account. Address verification service (AVS) checks the billing address and ZIP code entered during the checkout process against information from the cardholder’s issuing bank, and card verification value (CVV), the three-digit security code on the backs of credit cards, offers another layer of verification.

These two tools are already included with every merchant account and should be enabled in just about every gateway. It’s simply a matter of deciding how to treat transactions based on responses. If you want to be super conservative, you can decline any transaction that has a negative AVS or CVV response. If you want to be moderate, you can approve a positive AVS or CVV. You can fine-tune the rules however you like to fit your business needs.

Expertise is Key

When it comes down to it, only you know what’s best for your business. However, it’s also true that it takes a village, and a rising tide lifts all boats. Take advantage of industry resources, like payments experts who will take the time to answer your questions and help guide you through the ambiguous world of banking acronyms and initialisms — including the four-letter ones.

Jonathan Corona has two decades of experience in the electronic payments processing industry. As chief operating officer of MobiusPay, Corona is primarily responsible for day-to-day operations as well as reviewing and advising merchants on a multitude of compliance standards mandated by the card associations, including, but not limited to, maintaining a working knowledge of BRAM guidelines and chargeback compliance rules defined in both Visa and Mastercard operating regulations.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

Best Practices for Payment Gateway Security

Securing digital payment transactions is critical for all businesses, but especially those in high-risk industries. Payment gateways are a core component of the digital payment ecosystem, and therefore must follow best practices to keep customer data safe.

Jonathan Corona ·
opinion

Ready for New Visa Acquirer Changes?

Next spring, Visa will roll out the U.S. version of its new Visa Acquirer Monitoring Program (VAMP), which goes into effect April 1, 2025. This follows Visa Europe, which rolled out VAMP back in June. VAMP charts a new path for acquirers to manage fraud and chargeback ratios.

Cathy Beardsley ·
opinion

How to Halt Hackers as Fraud Attacks Rise

For hackers, it’s often a game of trial and error. Bad actors will perform enumeration and account testing, repeating the same test on a system to look for vulnerabilities — and if you are not equipped with the proper tools, your merchant account could be the next target.

Cathy Beardsley ·
profile

VerifyMy Seeks to Provide Frictionless Online Safety, Compliance Solutions

Before founding VerifyMy, Ryan Shaw was simply looking for an age verification solution for his previous business. The ones he found, however, were too expensive, too difficult to integrate with, or failed to take into account the needs of either the businesses implementing them or the end users who would be required to interact with them.

Alejandro Freixes ·
opinion

How Adult Website Operators Can Cash in on the 'Interchange' Class Action

The Payment Card Interchange Fee Settlement resulted from a landmark antitrust lawsuit involving Visa, Mastercard and several major banks. The case centered around the interchange fees charged to merchants for processing credit and debit card transactions. These fees are set by card networks and are paid by merchants to the banks that issue the cards.

Jonathan Corona ·
opinion

It's Time to Rock the Vote and Make Your Voice Heard

When I worked to defeat California’s Proposition 60 in 2016, our opposition campaign was outspent nearly 10 to 1. Nevertheless, our community came together and garnered enough support and awareness to defeat that harmful, misguided piece of proposed legislation — by more than a million votes.

Siouxsie Q ·
opinion

Staying Compliant to Avoid the Takedown Shakedown

Dealing with complaints is an everyday part of doing business — and a crucial one, since not dealing with them properly can haunt your business in multiple ways. Card brand regulations require every merchant doing business online to have in place a complaint process for reporting content that may be illegal or that violates the card brand rules.

Cathy Beardsley ·
profile

WIA Profile: Patricia Ucros

Born in Bogota, Colombia, Ucros graduated from college with a degree in education. She spent three years teaching third grade, which she enjoyed a lot, before heeding her father’s advice and moving to South Florida.

Women In Adult ·
opinion

Creating Payment Redundancies to Maximize Payout Uptime

During the global CrowdStrike outage that took place toward the end of July, a flawed software update brought air travel and electronic commerce to a grinding halt worldwide. This dramatically underscores the importance of having a backup plan in place for critical infrastructure.

Jonathan Corona ·
opinion

The Need for Minimal Friction in Age Verification Technology

In the adult sector, robust age assurance, comprised of age verification and age estimation methods, is critical to ensuring legal compliance with ever-evolving regulations, safeguarding minors from inappropriate content and protecting the privacy of adults wishing to view adult content.

Gavin Worrall ·
Show More