Credit Card Transactions - NOTE

Create a Post
A

acrompton

MGF, Master Grumble Framer
Joined
Jan 22, 2007
Posts
685
Loc
Louisville, KY
There was a thread like this in the Business section of the Grumble, but I thought it would be good to put in here so no one will miss it.

This was on a local small business website....

Important News For Businesses that Accept Credit Cards
The Small Business Development Center of Greater Louisville recently received a letter from Congressman John Yarmuth calling attention to issues of compliance with the Fair and Accurate Credit Transactions Act (FACTA). The Act was passed by in 2003 to prevent identity theft, “but the vague wording has left some seemingly law-abiding business owners out of compliance.”

The Act mandates that “no person that accepts credit cards or debit cards for the transaction of business shall print more than the last 5 digits of the card number or the expiration date upon any receipt provided to the card holder at the point of the sale or transaction.”

According to the letter from Rep. Yarmuth “many business owners believed compliance meant simply truncating the account number down to the last five digits, but the law actually mandates abbreviating the card number and deleting the expiration date. It’s not one or the other. Business owners who do not remove the expiration dates and all but the last five credit card numbers could face fines of up to $1,000 for every receipt they print since the law went into effect, even if there were no damages to the customers.

Almost immediately following last December’s deadline for compliance with the new law, hundreds of lawsuits were filed alleging that the failure to remove the expiration date was a willful violation, despite the fact that there was no allegation of identity theft in most cases.”

If you find that your credit card processing machines need to be updated to be in compliance, contact your credit card processing provider.
 
to PRINT or IMPRINT is the question

I just posted on the other thread on this subject, I had my merchant processor rep in today to upgrade my terminal and spoke with him about this subject. I was using the old card imprinter, you lay the card in and make and impression of the front. The key word, here is PRINT, if your terminal prints the info you are at risk of being scamed, there are scammers out there making small purchases trying to catch merchants listing too much info on the reciepts. Strangely enough, if you use a card imprinter you safe because that is an imprint not a print. We'll see how long that flies.
 
I'm almost certain that here in Aus, merchants aren't supposed to keep card details after processing, perhaps until goods are delivered safely, client satisfaction confirmed, etc.

I had a card terminal until about 2 months ago that actually only printed the first 6 and maybe last 4 digits on both copies that I print out, but the replacement machine received since prints all numbers on both copies.
Bank supplied, so I just file my copy as is in locking cabinet now.

With the client copy I send with paperwork, I use a permanent red texta over the middle part of the number and the whole expiry date.
Just in case someone swipes the paperwork somewhere en route.
This makes it totally illegible and you can't see any print ghost marks even angled in the right light.
 
RParrish said:
Strangely enough, if you use a card imprinter you safe because that is an imprint not a print. We'll see how long that flies.
Click to expand...

FYI, you should be able to get new/special carbonless imprinter receipts that do not duplicate onto the cardholder copy in the area of exp date and all but the last 4-5 digits of the card number. Everyone who processes credit cards should have an imprinter and modern receipts even if you have a swipe terminal, because if a card won't swipe you will need an imprint to prove the card was there in case of fraud. Or, you could just refuse to accept a card that won't swipe - that's probably what the big boys do.
 
When you have a credit card that won't swipe, ask for a different card. If you hand key the card number in, you will be charged what is called a "non-qual" fee which is a big percentage of the amount of the transaction. These "non-qual" fees are accessed to the merchant because the transaction was hand keyed and some of the information from 2 of the 3 magnetic stripes on the back is missing. So supposedly there is more of a chance for fraud.

I think the earlier post is correct that merchants are not supposed to store full credit card information for any more than 3 days (I could be wrong on the timing). I read recently where Wal-Mart and a couple other "big boys" were fined because they were storing that information for longer than the law allowed.

I'm pretty sure the law applies to any type of record of credit card numbers whether imprinted or captured. We used to process our credit cards via our POS computer and we would also take an imprint of the card. Our bank said we had to destroy all those imprinted records within that 3 day window.
 
mayos said:
Our bank said we had to destroy all those imprinted records within that 3 day window.
Click to expand...

I would ask my processor - the bank is just where the money goes. The imprint is proof that the card was there, just like swiping. What's the point of imprinting if you're going to destroy it within three days? The consumer has months to make a claim...

You may find this thread interesting.
 
I'll check with my merchant provider about this again.
Surely, if they don't want card details kept, they should provide machine / imprinters that don't record copy on at least the merchant copy.

As a service to my clients, I will keep blanking out their copies for safety in transit.

For tax reasons, we have to keep transaction copy records of everything for 7 years here.
 
Create a Post
Back
Top