Did You Know You Can't Require ID on CC Transactions?

(I hope you all find this informative. I read a few posts in the “So, when should common sense kick in?” thread about checking ID’s. I thought about that thread when I learned this today…)

Did You Know You Can’t Require ID on CC Transactions?

I didn’t until a few hours ago. I’ve been reading numerous articles for the past few hours, and found out that it’s true in most circumstances. I posted the best of the articles here. Below is the short story straight from the source:

Here’s what Mastercard says:

[size=5]MasterCard Rules 6 November 2009[/size]

[size=5]5.6.3 Additional Cardholder Identification[/size]
A Merchant must not refuse to complete a Transaction solely because a
Cardholder who has complied with the conditions for presentment of a Card at
the POI refuses to provide additional identification information, except as
specifically permitted or required by the Standards. A Merchant may require
additional identification from the Cardholder if the information is required to
complete the Transaction, such as for shipping purposes. A Merchant in a
country or region that supports use of the MasterCard Address Verification
Service (AVS) may require the Cardholder’s ZIP or postal code to complete a
Cardholder-Activated Terminal (CAT) Transaction, or the Cardholder’s address
and ZIP or postal code to complete a mail order, phone order, or e-commerce
Transaction.

Here’s what Visa says:

[size=5]Rules for Visa Merchants [/size]Card Acceptance and Chargeback Management Guidelines

When should you ask a cardholder for an official government ID? [size=5]Although Visa
rules do not preclude merchants from asking for cardholder ID, merchants
cannot make an ID a condition of acceptance. Therefore, merchants cannot
refuse to complete a purchase transaction because a cardholder refuses to
provide ID. Visa believes merchants should not ask for ID as part of their
regular card acceptance procedures.[/size] Laws in several states also make it illegal
for merchants to write a cardholder’s personal information, such as an address or
phone number, on a sales receipt.

ID can be asked for when the purchase contains alcohol or tobacco for age verification purposes.

Anyone know if it is the same for AMEX, Discover or any other popular cards?

Have you ever had problems with customers because of asking for ID?

Are your employees aware of these rules? Do you want an employee pissing off a good customer that knows better and getting a bad article about your store in the local paper! It happened to the Disney Store!

[list]Disney Store Refuses Small Credit Card Purchase Because You Left Your ID In The Car

Disney Store Apologizes For Refusing To Sell Stuff Without ID, Says It’s Not Their Policy[/list]

Now that you know this, will you change your stores policy on checking ID’s?

Oh, and you all might find this article useful:

[size=5][b]MERCHANT CREDIT CARD FRAUD[/b] 31 Ways to Minimize Credit Card Fraud[/size]

Well, I’ll ask you then the obvious questions:

How can the merchant verify that the person is actually the cardholder? I assume that isn’t something they want us to do.

Also, how about the 75% of customers that have written “see id” in the signature stripe, because someone told them not to sign their card? Right there on the card is says “not valid unless signed”. Do we now refuse the transaction even if they show id because their card is not valid?

(“see id” is the stupidest thing I’ve ever seen. Absolutely no point in it.)

The answers to those questions and much more information I was surprised to see is in the articles I linked to in my original post: “I posted the best of the articles here.”

Yeah, I saw the answer in that PDF.

So a “SEE ID” card is invalid and we are supposed to refuse it unless they show us ID and then sign the card in front of us.

I think Dr. Phil would say “and hows that workin’ for ya?”.

I just got off the phone with my CC service provider. If seem the rules are much different for Canada. You not only have the right to ask for ID you have the option to refuse the transaction even with ID if you feel something is not quite right.

It just goes to show how different things can be just across the border. :lol:

Surprising to say the least. What exactly is the point of the signature if I cant verify it against a legal from of ID? When a chargeback happens, they want to see the signed slip. I suppose if the signature doesnt match the cardholders I will lose the chargeback fight? I would love to see a merchant uprising against Visa and Mastercard.

The signature on the card is supposed to be checked against the signature on the receipt they sign.

If they want a matchable signature, why don’t they double or triple the height of the strip on the back of the card so people can actually sign like they normally do?

Why would we do that!!! They are clearly on our side and only interested in promoting and growing small businesses…according to the AmEx ads anyway. :wink:

The MasterCard site for Canada says the same thing:

http://www.mastercard.com/ca/wce/PDF/Ma … s_2009.pdf

5.6.3 Additional Cardholder Identification
A Merchant must not refuse to complete a Transaction solely because a
Cardholder who has complied with the conditions for presentment of a Card at
the POI refuses to provide additional identification information, except as
specifically permitted or required by the Standards. A Merchant may require
additional identification from the Cardholder if the information is required to
complete the Transaction, such as for shipping purposes. A Merchant in a
country or region that supports use of the MasterCard Address Verification
Service (AVS) may require the Cardholder’s ZIP or postal code to complete a
Cardholder-Activated Terminal (CAT) Transaction, or the Cardholder’s address
and ZIP or postal code to complete a mail order, phone order, or e-commerce
Transaction.

That’s what’s good about PIN for cards.
The vendors are then responsible because the machine and their system OK’ing the transaction. Very hard for a PIN to be matched if the card has been stolen, unless it was stolen at the same time the PIN was sent (normally 2 -3 days apart) or some goose left their PIN with the card.
Don’t know about over there but here when you get the card you have to phone in and activate the card with personal details that only the true owner would know, ie mother’s maiden name, your date of birth, address and your personal password.
The majority of cards are now PIN accessable and have the micro chip that is supposed to eliminate fraud and cancell the card if is reported stolen.
In 4 years we have had the store we have only once been asked for a transaction verification and this was because our card name is in our Pty Ltd trading name and not the store name. This happened only weeks after we took over the store and have no problems for over 4 years now.
There is also a clause here that says if you suspect a stolen card call a hot line number and report it. If they give the OK then the onus is on the vendor not the retailer.
Maybe our system here is controlled tightly by the government thus eliminating problems you guys have ?

Dave

Gregster
That is an old document. The code of conduct for CC companies was a big deal in parliment last fall. Things have changed to help protect the merchants against fraud. Like I said before I call my service provider and verified the changes had come into effect.

Since we all have contracts with merchant service providers, the thing to do if there is a question . . . is to call the person with whom we have a contract. There are lots of implications if contract terms are in conflict with current legislation, but the party to whom we are responsible is the contract partner. Ask 'em and then verify their information (because their priority is THEIR business interests).

BTW, anyone read the Mastercard “Standards”? there is a glaring phrase hanging out there that creates curiosity and subjugates all of the previous prohibitions . . . “except as specifically permitted or required by the Standards.” Seems you CAN require ID if it is specifically permitted by the Standards, whatever they are. Not interested enough to find them just now.

From the same MasterCard Rules manual “definitions” linked to in the OP:

Standards
The Amended and Restated Certificate of Incorporation, Bylaws, Rules, and policies, and
the operating regulations and procedures of the Corporation, including but not limited to
any manuals, guides or bulletins, as may be amended from time to time.

Rules
The Standards set forth in the MasterCard Rules manual.

They are basically saying that other rules apply also, such as the exceptions I noted when the law requires checking ID for purchase of tobacco or alcohol.

Therein lies my recommendation to talk with the contract service provider and get as much printed materials as possible. These “other rules apply” are most certainly in place to protect MasterCard and its business interests . . . . but they will also hold the keys to finding legitimate ways to do what we want and need to do to protect ourselves.

Seems odd how awfully difficult it is to get hold of all this in one place. I could not find after 20 minutes of hunting, a written statement of the cardholder requirements for transacting business with the card. Brought back the reality that as much liability as conceivably possible is shifted to the merchant. Briliant model for the corporations making the rules . . . less so for us swiping the cards every day. That said, I am still using the cardsa and still finding more and more new information to make myself a more strategically effective merchant.

Right, but I wasnt clear enough in my post. Anybody can find (or steal) an unsigned credit card and sign the back of it themselves. It isnt a legal form of ID. If I want to truly verify a signature it seems I would want to check it against something like a drivers license that would be very difficult to forge. What is the rational for a credit card company not wanting me to do that? I know their drivers license was signed at the DMV. For the conspiracy theorists out there, could it be possible that the CC companies actually make money off of small fraudulent charges? Hmmm, it seems that if I lose a chargeback I end up having to pay the money back and then get a tidy little fee as well. (And I sincerely apologize for the lack of carriage returns and apostrophes in this post, for I have spilled coffee on this freaking keyboard and lost the use of both.)

The CC companies have shifted nearly all of the risk onto the merchants, while still making a small profit on every single transaction. They are trying to make using a CC even easier than using cash. Asking for ID has already been factored in, and they came to the conclusion that since the cost of fraud has been successfully shifted onto the merchant, asking for ID only decreases their profits with no corresponding upside in savings for them. More simply, you pay for the convenience, increased sales, and fraud… They reap the profits on your sales without the risk of a downside. What a sweet deal for them.

If a customer complained about demand for ID at your store today, what would you all do?

I would point to the cleverly crafted policy that I had previously drafted and had approved by a competent contract attorney that gives me leave to check ID validity. I don’t actually have one right yet, but I do plan to find a way to create a creative policy that gets me around that whole “naked liability” issue.

It is going to be a project that takes time and effort . . . but there has to be a way to do it. I envision tying the ID to some process or policy relating to deliveries, verifying the POS data, or some such like that. Get some plausible denyability in place. It actually is good business practice for lots of reasons to verify identity of new/unfamiliar customers. Consider delivering to someone at an address with a completely unfamiliar name . . . policy could be that someone must be able to verify they live there at time of delivery, or some such like that. I am not saying that is THE or even AN answer. Just an eample as I brainstorm.

I think you are missing a major point here - asking for ID is not against the rules. Refusing to accept the card because a customer won’t show ID appears to be against the rules - two totally different things.

For example, if a customer shows you a card that says “John Doe” on it, and you ask for ID, and the ID says “Joe Smith”, you can’t refuse the card based on that.

You can however, refuse the card if the signatures don’t match.

So, if someone won’t show you ID, and you really don’t want to accept the card, all you have to say is “I don’t think the signatures match”. That is an opinion and up to interpretation.

However, and here is a point that makes this whole thing even more stupid - by the time you are at the signature verification point in the process, you have ALREADY run the card! So now you must void that transaction. And if it was a debit card, you are going to have one irate customer when they get home and see the hold on their checking account that won’t go away for 3 days!

There is absolutely no way to win this game.

Just take the card, don’t worry about signatures, etc. The few chargebacks you will get are not worth all the hassle of trying to do things the “right” way.