Electronic Payment Acceptance Frequently Asked Questions

FEES

1. What fees are associated with accepting credit cards, e-checks, and debit cards, etc.?

Under our contracts, we pay a $0.03 transaction fee for processing through Wells Fargo electronic payment acceptance, plus a $0.05 transaction fee for gateway services (web payments) through Wells Fargo Payment Gateway (WFPG) powered by CyberSource. In addition to these fees to the vendor, we pay card brand fees (interchange and assessment fees), which are dependent upon a number of different factors. More information about fees can be found on the Training webpage.


2. What are the statewide interchange averages for some of the major credit card brands (V/MC, AMEX, and Discover)?

 As of FY15, the averages for the major credit card brands are as follows:

      • Visa – Card Present 1.56% 
  • Visa - Card Not Present  2.53% 
  • MasterCard  1.67% 
  • AMEX  2.20% 
  • Discover  1.55% 

Please note these card brand fees vary greatly depending upon your customer base. If your primary customers are businesses rather than the general public, the card brand fees may be higher due to the fact that business/corporate credit cards have higher interchange fees. Please see the Training webpage for additional information on fees.


3. Can I charge a fee to my customer to offset some of the costs associated with electronic payment acceptance?

 Yes, State agencies may charge a convenience/surcharge to off-set costs associated with accepting electronic payments. However, pursuant to NRS 353.1465, the total fee charged by the agency in a fiscal year must not exceed the total amount of fees charged to the agency by the issuer or operator for that fiscal year. Agencies may not profit from the surcharge to process any type of electronic payment. Please contact the Nevada State Treasurer’s Office by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov, if your agency will implement a surcharge.

Additionally, most of the card brands also impose restrictions on how these fees may be charged.
Here is a current list of requirements: 

  • Merchants (agency) must inform their card processor and the card brands that a fee will be imposed at least thirty (30) days prior to the fee going into effect.
  • Customers must be informed that the merchant charges a fee at the point-of-entry to the payment facility or if a web transaction is processed, at the first point of interaction or sale with the customer. This amount of the fee must also be disclosed at the point-of-sale and on the payment receipt. Please review the examples of disclosures provided by Visa by clicking on the link below:
    http://usa.visa.com/download/merchants/sample-surcharge-disclosure-signage.pdf
  • The fee must be the same for all card brands accepted and may not exceed the average fee paid to the card brands.
  • The fee may not exceed 4%.
  • Customers who choose to pay via debit or prepaid card may not be charged a fee.
  • The fee can be a fixed, flat dollar or a percentage. 

4. What is the process for claiming electronic payment acceptance related payments and fees?

The Cash Management Division of the State Treasurer’s Office (STO) facilitates an agency’s claiming of all electronic payment acceptance related payments and fees, which are deposited into the State’s bank account(s).  An e-mail from OST Cash will be sent to each agency on a daily basis with applicable credit card and e-check deposits or debits. If an agency knows the total dollar amount that will be credited and/or debited to/from the bank account(s), please follow the instructions below:

  1. Process a Cash Receipt (CR) for the funds in Advantage and place on “hold.”
    Please do not schedule or run your CR. STO will process the document when the funds are verified and will edit the date on your CR.
  2. Go to the State Treasurer’s Office website and process an Incoming Funds Notification (IFN). http://net.nevadatreasurer.gov/IFNform/
  3. Once the funds are received or debited, our Cash Management staff will process the IFN, revise the date on the CR (if necessary) and schedule the CR. The agency who entered the IFN will receive an e-mail notification when completed.

Agencies that have Merchants Services related funds not previously claimed using the process noted above will be contacted via e-mail by Cash Management staff. The agency will then have two (2) days to provide a CR (SAM 2702 Keying of CR Documents into Advantage). Please keep in mind Cash Management staff do not have additional information about incoming or outgoing funds other than what is initially sent to the agency. Any questions regarding supporting documentation related to funds may be directed to the Treasurer’s Office by calling (775) 684-5675 or e-mailing OSTCredit@NevadaTreasurer.gov


5. How is invoicing handled?

To ensure our electronic payment acceptance provider is adhering to our contract terms and agencies are invoiced accurately, STO will receive all invoices from the provider around the second week of each month. STO Staff will review each invoice and disburse to agencies accordingly.  For agencies whose funds flow through the state’s main bank account, STO will process a Payment Voucher (PV) on their behalf, using the coding provided during implementation.  Political sub-divisions or other agencies whose transactions fund to a non-State managed bank account may be invoiced directly by Wells Fargo Electronic payment acceptance or our office, depending on their merchant account set-up during implementation.


CHARGEBACKS/DISPUTES

6. What are chargebacks, retrievals and reversals?

Chargebacks are disputes made by customers claiming charges were fraudulently initiated or duplicative payments. Merchants/agencies have a short window of time (generally 30-45 days dependent upon the timely notification) to provide documentation to the card brands proving a payment was legitimately collected. Merchants must respond in the time allotted by each card brand or e-check provider; otherwise, the customer dispute will likely stand. The merchant/agency will be charged for the fees initially processed, plus an additional fee of $5.00 per chargeback.The Treasurer’s Office can provide tools and recommendations to assist agencies in preventing or reducing chargebacks. For more information, please contact the Treasurer’s Office by calling (775) 684-5675 or e-mailing OSTcredit@nevadatreasurer.gov.

Retrievals are similar to chargebacks in that there is question on the legitimacy of the original card payment. The cardholder’s issuing bank is requesting proof from the merchant/agency that the cardholder did initiate the payment. The original payment or transaction amount and fee are not yet incurred; however, the resulting outcome is the transaction could end up as a chargeback. Always treat a retrieval request the same as you would a standard chargeback and ensure submission of supporting documentation is provided.
Examples of supporting documentation are signed sales slips/receipts (ensure no card holder data, such as full card numbers, security codes or PINs are printed), registration/license applications that tie back to the cardholder/account holder (redact any personal identifying information, such as social security numbers, license numbers, addresses, etc.) and voice recordings for telephone payments.

Reversals are chargebacks that are returned to the merchant when card brands find the supporting documentation as sufficient proof of purchase. Unfortunately, our current electronic payment acceptance provider charges a fee of $5.00 when a chargeback is initiated by a customer. See below for important information about how chargebacks can be prevented.

The Dispute Manager application within ClientLine will list all chargeback and retrieval details for each case. Each agency is responsible for uploading their own supporting documentation into Dispute Manager and following up on each case result. See the Training & Documents link for a Dispute Manager User Guide and a Merchant Guide on Disputes. Online help and a demo can be found under ‘Quick Links’ within the Dispute Manager dashboard. Agencies may e-mail OSTcredit@nevadatreasurer.gov for additional training support or for any questions regarding specific cases. See question #18 below under the TECHNICAL section for more information about ClientLine.


7. What are some tips merchants can use to prevent chargebacks or decrease their frequency?

There are several things merchants can do to decrease the likelihood of a chargeback from occurring. Below are some examples:

  1. During the boarding application process, ensure the DBA (doing business as) name appears on the customer’s card or checking statements and is easily identifiable/understandable to the payer. Using location numbers or acronyms that only have significant meaning to the agency will likely cause customers to dispute charges. The agency or office name of the merchant account holder is usually a good identifier. There is a 22-character limit for credit card statements and a 16 character limit for checking statements, including spaces; however, if the agency accepts both card and e-check, please adhere to the 16-character limit.
      
  2. Always swipe the customer’s card whenever completing a transaction in-person. This qualifies as a card-present transaction and will prove the cardholder authorized the charge. Additionally, card present transactions are subject to lower merchant fees.
      
  3. For card present transactions, always check identification, have the customer sign the sales receipt authorizing the charge, and retain a hardcopy to keep on file in a secure location for a minimum of 90 days.
    *Please note, the current State general retention requirement for financial documents is 3 years. See the General section of the FAQs for more information on retention.
      
  4. Use the Card Verification Value (CVV) and Address Verification Service (AVS) functions whenever possible. The CVV is the three-digit security code on the back of all Visa, MasterCard and Discover cards and the four-digit code on the front of American Express cards. The CVV and AVS functionality can be set during the boarding application process and anytime thereafter.
      
  5. When a card is declined, do not attempt to reprocess the transaction. Similarly, if you receive a “call” response for authorization, contact the credit card authorization center to ensure the card is still valid or better yet, ask for another form of payment. The number to call can be found on the back of the card.
      
  6. For card-not-present transactions, require customers complete a payment authorization form whenever possible and retain only a hardcopy in a secure location for a minimum of 90 days. It will serve as sufficient proof the customer authorized the transaction. In the interest of maintaining PCI compliance, ensure only hard copies are retained in a secure physical location or if electronic copies must be stored, they are not stored on unsecure servers. Please see the Training & Documents page for samples of authorization forms and the PCI section for more information on PCI compliance.

TECHNICAL

8. How do I have my access to the gateway portal or ClientLine reset?

It is important to have at least three Agency Administrators established within each agency to ensure adequate coverage is available for reset requests in each office. However, as another option, you may contact the Customer Support lines for each applicable vendor below. As a third option, you can send an e-mail to OSTcredit@nevadatreasurer.gov.

CUSTOMER SUPPORT
Wells Fargo Payment Gateway/CyberSource 866-409-0834
(6:00 am – 5:00pm pacific time Monday - Friday)
Authorize.Net 877-447-3938
(24 hours, except major holidays)
ClientLine Help Desk 800-285-3978

9. How can my internal system of record (website, database, etc.) interface with our electronic payment acceptance vendor, so that payments are associated with our office records? (I.e. registrations, licenses, permit, etc.)

Application Programming Interface (API) specifications for web transactions through a gateway are provided by our contracted electronic payment acceptance provider. See question 10 below for a link to the latest copy of the technical documents/API specifications. Payments processed using a point-of-sale (POS) terminal vary by device and may or may not have an API for integration; consult the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov.


10. Where can I find Application Programming Interfacing (API) specifications for integration to the gateway?

You can find the latest API specifications on CyberSource’s website using the link below. Please reference sections for FDC Nashville Global, which is the payment processing platform used by Wells Fargo Payment Gateway powered by CyberSource for card transactions and CyberSource ACH Services, which is the WFPG ACH platform for electronic check transactions. http://www.cybersource.com/developers/

The Cash Management Division of the Nevada State Treasurer’s Office can assist with providing a migration document containing important information, such as code samples for common use cases and a glossary of terms. Please contact the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov


11. How do I find more information about updates to the API?

The guide found in the link below will contain release notes with information regarding updates or changes to the WFPG API.

http://www.cybersource.com/developers/other_resources/simple_order_release_notes/


12. Does our current electronic payment acceptance provider develop websites for payment collection?

Unfortunately, Wells Fargo electronic payment acceptance does not provide website development services. However, our office can provide a few recommendations for vendors contracted by other agencies. Please contact the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov.


13. What is Secure Acceptance Integration?

Secure Acceptance is a readymade customer-facing webpage, which simplifies PCI compliance requirements by redirecting payers to a secure, Wells Fargo hosted site. Since the application contains its own user interface design toolkit, additional web development is not required. The Secure Acceptance profile can be customized to create a seamless transition from an agency’s webpage to the payment processing form. For additional information, please refer to the Secure Acceptance Integration Guides below:

Secure Acceptance Web/Mobile
http://www.cybersource.com/developers/getting_started/integration_methods/secure_acceptance_wm/

Secure Acceptance Silent Order POST
http://www.cybersource.com/developers/getting_started/integration_methods/secure_acceptance_sop/


14. What if my system developer cannot interface with our current electronic payment acceptance vendor, but can with another gateway or processor?

Pursuant to NRS 353.1465, all contracts for electronic payment acceptance outside of the state’s main contract must be approved by the State Board of Finance, unless the agency has statutory authority. Please contact the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov regarding this requirement.


15. Who can I contact for customer or technical support from Wells Fargo?

For Wells Fargo Payment Gateway Customer Support, please e-mail OSTcredit@nevadatreasurer.gov or call 866-409-0834. For ClientLine technical support, please call the ClientLine Help Desk at 800-285-3978. Any processing related issues should be directed to the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov.


16. How do I inquire about equipment needs, such as point-of-sale terminals, PIN pads, etc.

The Treasurer’s Office typically receives a discounted rate through our electronic payment acceptance vendor. Our office can facilitate a quote request and aid in researching product options to ensure equipment purchases are compatible with our current electronic payment acceptance provider. For equipment-related inquiries or requests, please contact the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov.


REPORTING/RECONCILING

17. What are the reporting options through WFPG?

There are various reports provided by our electronic payment acceptance provider which can be downloaded on-demand through the Wells Fargo Payment Gateway (WFPG) Enterprise Business Center web portal or extracted programmatically through a reporting API. Information about the various reports can be found below as well as through the Reporting Developer Guide found here: http://www.cybersource.com/developers/documentation/reporting_and_reconciliation/

Payment Batch Detail (PBD) Report
This report contains information about card and e-check transactions processed by the 9pm card cut-off and the 5pm e-check cut-off for a prior day. The PBD should be used to reconcile bank deposit activity for a given day and is available in XML or CSV format at each individual gateway level. Refer to page 35 of the Reporting Developer Guide for XML or page 143 for CSV.

Image 1

Payment Events Report (PER)
This report contains information for e-checks after a transaction is sent to the payment processor. The PER should be used to reconcile e-check returns, such as for insufficient funds, invalid accounts, etc. and is available in XML or CSV format at each individual gateway level. Refer to page 40 of the Reporting Developer Guide for XML or page 146 for CSV.

Image 2

Transaction Detail Report (TDR)
This report contains 24-hour (12am – 11:59:59pm PT) detailed transactional information for cards and e-checks for a prior day. The TDR is available in either XML or CSV format at each individual gateway level and the reporting developer guide can be found on the Training & Documents page.

*Note: The sample below does not show every field available on the TDR. Refer to the Guide.

Image 3

Merchant Account Reports (MARs)
Each Merchant Account Report include high-level summary to transactional detail information during a 24-hour (12am – 11:59:59pm PT) window. Information about the MARs available to the State is found below and through the Merchant Account Report Developer Guide found here: http://apps.cybersource.com/library/documentation/dev_guides/MA_Reports_DG/MA_Reports_DG.pdf

Each report shown below can be downloaded from the WFPG EBC or programmatically via API at the individual gateway level or at the Single Sign-On (SSO) level, if the agency has multiple gateway IDs.

Payment Activity Summary Report
The Payment Activity Summary Report is a high-level recap of all payments processed for each card type. When downloaded from the WFPG EBC, this report can be exported in XML, CSV, XLS or PDF format. See below for a sample:

Image 4

Purchase and Refunds Detail Report (PRD)
The PRD report shows transaction-level detail for all payments and refunds processed for a prior day during a 24-hour (12am PT – 11:59:59pm PT) window. Be advised that voided transactions also appear on this report and are only distinguishable by cross-referencing against the voided transactions that appear on the Transaction Detail Report or by performing a Transaction Search in the Wells Fargo Payment Gateway Enterprise Business Center web portal.

Image 5

Additionally, Wells Fargo Electronic payment acceptance (through a web application called “ClientLine”) provides a multitude of ad-hoc reports that may be generated downloaded or scheduled at varying frequencies. Reports on daily transaction details, transaction summaries, merchant fees, user activity, etc. can be processed by the agency through the web for card transactions. See below for more information.

If an office accepts American Express, access to the American Express Online Merchant Account Management System (OMS) will also be required. Unfortunately, merchant fees for American Express (AMEX) cannot be reconciled using ClientLine because the processor does not collect the fees for this card brand – the merchant fees are debited by AMEX directly. Our office can assist with obtaining access to the AMEX OMS - send your request to OSTcredit@nevadatreasurer.gov


18. What is ClientLine?

ClientLine is an online reporting system - an important tool used to reconcile credit and debit card payments and associated electronic payment acceptance fees. The gateway reports will not provide details on fees or charges, so it is important to have access to ClientLine. ClientLine is also used to review and respond with details pertaining to chargebacks through another application called, Dispute Manager.

To request access to ClientLine, a supervisor or manager may send an e-mail to OSTcredit@nevadatreasurer.gov with the following information:

  • The first and last name of the individual user requiring access.
  • The user’s e-mail address and telephone number.
  • Whether the user will require access to the Dispute Manager for Chargebacks.
  • The 12-digit merchant account number(s) and location IDs the user will need access to.

19. What are the best practices related to reconciling merchant fees and funds?

First, it is important for each agency to maintain an internal system of record for keeping track of the payments their office processes. Relying solely on our electronic payment acceptance provider to maintain an accurate record of all transactions processed as it pertains to revenue collection, does not allow for proper reconciliation or funds handling. Each office may decide whether maintaining a spreadsheet, database or another accounting application is best for their agency’s needs. This is especially important to consider if an agency is utilizing the Wells Fargo Payment Gateway’s Virtual Terminal to process payments since it does not directly interface with internal office systems.

Next, comparison of the Department’s or Agency’s internal system of record’s report of electronic transactions processed against settlement reports in Wells Fargo Payment Gateway or funding reports in ClientLine is essential. This includes payments processed as revenue and any fees associated with electronic payment acceptance and refunds.

Finally, it is imperative to develop an internal policy and procedure for not only reconciling electronic payment acceptance-related funds, but for credit card acceptance in general. This not only ensures that a Department’s processes are consistent and accurate, but it shows the State follows due diligence regarding all aspects of electronic payment acceptance.


SECURITY AND COMPLIANCE (PCI/EMV)

20. What is PCI SSC and how is compliance attained?

PCI refers to Payment Card Industry Security Standards Council. This group is comprised of representatives from the five major card brands (American Express, Discover, JCB, MasterCard and Visa) and other members from the payment processing industry, such as merchants and acquirers. PCI SSC is responsible for developing security, procedural and technical standards and requirements for card acceptance. Each of the four major card brands has agreed to incorporate these requirements into their own compliance programs, please see the links below.  

VISA Cardholder Information Security Program (CISP)
https://usa.visa.com/support/small-business/security-compliance.html?ep=v_sym_cisp

MasterCard Site Data Protection (DSP)
https://www.mastercard.us/en-us/merchants/safety-security/security-recommendations/site-data-protection-PCI.html

Discover Information Security Compliance (DISC)
http://www.discovernetwork.com/merchants/data-security/disc.html

American Express Data Security Operating Policy (DSOP)
https://www209.americanexpress.com/merchant/singlevoice/dsw/FrontServlet?request_type=dsw&pg_nm=merchinfo&ln=en&frm=US&tabbed=complienceRequirement

Through our current electronic payment acceptance provider, each agency will be established with access to a web-based program called TrustKeeper, a TrustWave product. By answering a few questions about how an office accepts electronic payments, TrustKeeper will determine the next steps for attaining PCI compliance.

Annually each agency will only be required to complete a Self-Assessment Questionnaire (SAQ) applicable to the level of compliance necessary . The SAQ contains specific questions about how an agency is technically and procedurally structured, as it pertains to card acceptance. More information about PCI can be found at the following website:
 https://www.pcisecuritystandards.org/index.php

Based on the transaction volume levels noted below, agencies with higher electronic commerce card activity may be required to submit a quarterly scan report through a PCI approved scanning vendor (ASV). Quarterly scans will determine vulnerabilities in an agency or office’s system pertaining to payment card security. Please contact the Nevada State Treasurer’s Office at 775.684.5675, if you have additional questions or need assistance finding an ASV.

Image 1
*Source: PCI Awareness Training – PCI SSC

21. Where can I find additional resources related to PCI?

The website hosted by PCI SSC (Payment Card Industry Security Standards Council) https://www.pcisecuritystandards.org/index.php is a great resource. However, if an agency has specific concerns regarding PCI, please contact the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov.


22. What is EMV and how will it impact my office?

EMV refers to Europay, MasterCard and Visa and typically describes an arguably more secure chip-card technology common to most cards issued in Europe. EMV technology has gained recent attention since many card brands are encouraging implementation of this technology worldwide, especially here in the United States.

Although banks have not widely begun issuing EMV compliant cards, they have begun to trickle in with increased frequency. This may impact an agency as financial liability shifts to the merchant (in this case, the agency that processed the payment) and away from the card types for card-present fraudulent charges. This liability shift occurred in October 2015 across many of the major card brands, such as Visa, MasterCard, American Express and Discover. Card brand policies state that financial liability will shift from the party who possesses the highest-level of payment security and/or possesses the most secure form of EMV-compliant technology.

EMV technology is most relevant to new equipment purchases or replacements. If an agency requires electronic payment acceptance equipment, such as point-of-sale (POS) terminals or PIN pads, EMV-compliant technology can be a consideration at that time. Please contact the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov.


23. Is it safe to e-mail credit card information?

E-mail is not a secure form of transmission of card holder data or information. Credit and debit card numbers, expiration dates, security codes, PINs, etc. must not be documented in any e-mail format. Sending card holder data via e-mail is also a violation of PCI compliance. Similarly, card holder data may not be stored electronically without the proper security measures in place to protect the information. If your agency must retain or store cardholder information electronically, please consult the Treasurer’s Office, and review the PCI Data Storage Do’s and Don’ts using the link below. However, the industry wide recommendation is never to electronically store any cardholder information for any period of time.

https://www.pcisecuritystandards.org/documents/PCI Data Storage Dos and Donts.pdf


24. Can credit card information be mailed , faxed or given over the telephone?

Agencies may develop a credit or debit card authorization form that customers may fill out with their card information. This form may be mailed, faxed or hand-delivered to the agency or office processing the payment. If agencies choose, they may also accept payments via telephone. These are all acceptable avenues for credit or debit card acceptance according to PCI standards.

Agencies are required to develop internal policies and procedures as it pertains to credit and debit card acceptance. Please ensure these procedures also include measures for maintaining secure handling, processing and storage of card holder information, including payment authorization forms. For additional information or examples of authorization forms, policies and procedures drafted by other agencies, please contact the Nevada State Treasurer’s Office, by calling 775-684-5675 or e-mailing OSTcredit@nevadatreasurer.gov.


GENERAL

25. What information do I need to have prior to contacting STO for Electronic payment acceptance?

Please review the Treasurer’s Office handout regarding Electronic payment acceptance fees for information regarding current contract pricing and other fees associated with electronic payment acceptance. If an agency wishes to proceed with electronic payment acceptance, please complete the Pre-Boarding Questionnaire form from the Training & Documents section of this website and e-mail to OSTcredit@nevadatreasurer.gov Subject: New Electronic payment acceptance Account. This form will assist our office in obtaining the appropriate services for the inquiring agency. See the “Becoming a Merchant” page for more information.


26. What are the statutory and regulatory guidelines related to electronic payment acceptance in Nevada?

NRS 353.1465-1467 apply to acceptance of credit/debit cards and other electronic transfers of money for all State agencies.


27. What is the State General Retention Schedule for documents related to electronic payments?

Refer to the Nevada State Library and Archives website: http://nsla.nv.gov/uploadedFiles/nslanvgov/content/Records/State/1_General_Schedule/General Schedule.PDF

Regardless of the General Schedule, STO recommends retaining all documents related to an electronic payment, such as payment authorization slips, confirmation documents, receipts, etc. for a minimum of 90 days from the original date of transaction. These documents may need to be provided to a card issuing bank to refute chargebacks/disputes.