Understanding schemes integrity fees

Understanding the rules of the Compliance Programmes by the card brands

Here you'll find more information about how to process payments compliantly against the card brands’ compliance programmes. Following these rules will help you avoid non-compliance fees for your business. By complying with these, you can help your business reduce the risk of fraud, improve authorisation rates and reduce operational costs.

Visa System Integrity

Category 1 - issuer will never approve: This is when an account or transaction type is permanently blocked and will never be approved by the issuer. You shouldn't reattempt a transaction when you receive a category 1 decline response code.

Category 2 or 3 - issuer cannot approve at this time (excess reattempts): This response code indicates a temporary decline condition and approval may be granted at a future date. You should only submit a declined transaction for authorisation a maximum of 15 times within a 30 day timeframe.

Category 3 - data quality (revalidate data): This is when invalid payment or authentication data has been provided and may be approved at a future date once re-validated. You should check and correct the data before resubmitting for approval. Make sure you're not making excessive reattempts (see category 2 or 3).

Visa Processing Integrity

Unmatched clearing: This fee will be charged for each clearing transaction that can’t be matched to a previously approved or partially approved authorisation transaction. To avoid this fee, make sure all clearing transactions are linked to a corresponding authorisation transaction.

Misuse of authorisation system: This is when an authorisation is approved or partially approved but doesn’t correspond to a settlement or reversal. Visa considers this as not properly managing the transaction authorisation lifecycle and will impose fines.

If you can’t process the transaction within seven days, you should reverse the authorisation to avoid it being flagged as an unmatched clearing transaction.

Visa Stop Payment Service

You’ll receive this if you’re submitting repeated authorisation requests following an R1 or R3 decline code. It means that the cardholder has placed a ‘Stop Request’ on their card. This is usually the case for card on file (recurring, subscription transactions, where the cardholder has requested to stop the service). You’ll start to incur fees on the fourth and any subsequent submission request.

Mastercard Transaction Processing Excellence

Final authorisation not meeting requirements: To avoid this type of processing integrity fee, make sure the final authorisation amount is the same as the original authorisation amount and submit it for clearing within the required timeframe of seven days.

Also, once an authorisation is approved and marked as final by the card issuer, you need to process a refund rather than attempting to cancel this. If you try to cancel this, you’ll be open to non-compliance fees.

Undefined authorisation: This is when you submit a pre-authorisation request where the final amount is not yet known and the authorisation indicator field isn’t included in the transaction message. These transactions need to be submitted within seven calendar days of the approval date, otherwise processing integrity fees will apply.

Mastercard is moving away from undefined authorisations in favour of pre-authorisation and final authorisation types.

Merchant Advice Code: Merchant Advice Codes, or MACs, are used by Mastercard to provide reasons why a transaction may have been declined. Each type of code provides details as to whether a reattempt can be made and when. For certain MACs such as code 03 (account closed, suspected fraud), and 21 (cardholder has cancelled the recurring agreement), a reattempt shouldn’t be made as the transaction will most definitely will not be approved. If you resubmit transactions that have already been declined with a MAC of 03 or 21 in the past 30 days, you’ll incur processing integrity fees.

Excessive authorisation attempts: If you submit more than 10 allowed authorisation requests on the same card within a 24-hour period despite previously receiving declined responses from the issuer, this is excessive authorisation attempts and you’ll incur processing integrity fees.

Message format error: This is when you’re submitting authorisation requests that are declining due to an error in the format of the message. When you receive a format error you need to check the card number, expiry date, cvc and the other cardholder details such as the name and address are correct before resubmitting.

Nominal amount authorisation: This is when you’re submitting authorisation requests for small denominations, which are subsequently reversed. Instead, you should use Account Status Inquiry requests. Status checks should be done with a zero value amount and not for any other amounts, no matter how small. Status checks allow you to check that the card isn’t blocked or invalid, without ring-fencing an amount on the cardholder’s account.

PSD2 key entered and card present: This means you’re using keyed transactions in a card present environment, which isn’t allowed under European PSD2 regulation. In a card present environment, you should use a chip and PIN or contactless.

PSD2 chip and CVM for card present: This means you’re using chip or EMV enabled cards in a card present environment that lack cardholder verification, which isn’t allowed under European PSD2 regulation. In a face to face or card present environment, you must use PIN as the cardholder verification.

M/Chip deployment performance program: This means you’re using improperly configured terminals that’s resulting in technology failure. You need to ensure that your terminal configurations are up-to- date and you may need to contact your terminal provider to make sure that all the public keys are configured correctly.

If you’d like more information, or have any questions about this, call us on 0345 702 3344* or email [email protected] and we’ll be happy to help.