merchant guide - payzerware
TRANSCRIPT
Merchant Guide
Payline Data Services, LLC
225 W. Wacker Dr., Suite 550
Chicago, IL 60606
Phone: (800) 617-9342
Email: [email protected]
2
Table of Contents 1. GENERAL INFORMATION ............................................................................................................................ 4
1.1 Introduction .................................................................................................................................................. 4 1.2 Definitions .................................................................................................................................................... 4 1.3 Laws ............................................................................................................................................................. 5 1.4 Rules ............................................................................................................................................................ 5 1.5 Merchant Responsibilities ............................................................................................................................ 6 1.6 Payline and Bank Responsibilities ............................................................................................................... 6 1.7 Updates to this Guide ................................................................................................................................... 6 1.8 Customer Service ......................................................................................................................................... 6
2. GENERAL CARD ACCEPTANCE PROCEDURES ..................................................................................... 7 2.1 Card Acceptance .......................................................................................................................................... 7 2.2 Transaction Processing ................................................................................................................................. 7 2.3 Minimum/Maximum Transaction Amounts ................................................................................................. 7 2.4 Collection and Retention of Personal Information ....................................................................................... 7 2.5 Taxes ............................................................................................................................................................ 8 2.6 Merchant Descriptor..................................................................................................................................... 8 2.7 Prohibited Transactions ................................................................................................................................ 8 2.8 No Laundering Transactions ........................................................................................................................ 9 2.9 No Waiver by Cardholders ........................................................................................................................... 9 2.10 Returns ......................................................................................................................................................... 9 2.11 Surcharges, Discounts and Convenience Fees ........................................................................................... 10 2.12 Debit Cards ................................................................................................................................................ 11 2.13 Transaction Types ...................................................................................................................................... 11 2.14 Transaction Proceeds ................................................................................................................................. 11 2.15 Restrictions................................................................................................................................................. 12
3. CARD PRESENT TRANSACTIONS ............................................................................................................. 12 3.1 Card Present Background ........................................................................................................................... 12 3.2 Fraud Prevention ........................................................................................................................................ 12 3.3 Card Validity .............................................................................................................................................. 13 3.4 Cardholder Identification and Verification ................................................................................................ 14 3.5 Authorization ............................................................................................................................................. 14 3.6 Receipt ....................................................................................................................................................... 15 3.7 Fallbacks and Forced Transactions ............................................................................................................ 16 3.8 Card Recovery ............................................................................................................................................ 17
4. CARD NOT PRESENT TRANSACTIONS ................................................................................................... 17 4.1 Card Not Present Background .................................................................................................................... 17 4.2 Fraud Prevention ........................................................................................................................................ 17 4.3 E-commerce Transactions .......................................................................................................................... 18 4.4 Mail and Telephone Orders ........................................................................................................................ 18 4.5 Recurring Payments ................................................................................................................................... 18 4.6 Future Delivery and Installment Transactions ........................................................................................... 19 4.7 Health Care Transactions ........................................................................................................................... 20 4.8 Receipts ...................................................................................................................................................... 20
5. AMERICAN EXPRESS ................................................................................................................................... 20 5.1 Rules .......................................................................................................................................................... 20 5.2 Settlement and Information Sharing .......................................................................................................... 20 5.3 Conversion ................................................................................................................................................. 21
6. DATA SECURITY ........................................................................................................................................... 21 6.1 Merchant Obligations ................................................................................................................................. 21 6.2 Security Measures ...................................................................................................................................... 21 6.3 Truncation .................................................................................................................................................. 22 6.4 Personal Information .................................................................................................................................. 22 6.5 Security Audits ........................................................................................................................................... 23
3
6.6 Privacy Policy ............................................................................................................................................ 23 6.7 Passwords ................................................................................................................................................... 23 6.8 Confidential Information Treatment .......................................................................................................... 23 6.9 Trade Secrets .............................................................................................................................................. 24
7. AUDITS AND MONITORING ....................................................................................................................... 24 7.1 Finances ..................................................................................................................................................... 24 7.2 Inquiries and Inspections ............................................................................................................................ 24 7.3 Audits ......................................................................................................................................................... 24 7.4 Cooperation with Audits ............................................................................................................................ 25 7.5 Information................................................................................................................................................. 25 7.6 Monitoring ................................................................................................................................................. 25
8. ADDITIONAL POLICIES AND PROCEDURES......................................................................................... 25 8.1 Third-Party Service Providers .................................................................................................................... 25 8.2 Hold Period ................................................................................................................................................ 26 8.3 Payments .................................................................................................................................................... 26 8.4 Chargebacks ............................................................................................................................................... 26 8.5 Trademarks................................................................................................................................................. 27 8.6 Signage ....................................................................................................................................................... 27 8.7 Liability ...................................................................................................................................................... 27 8.8 Card Brand Rights ...................................................................................................................................... 28 8.9 Insurance .................................................................................................................................................... 28 8.10 IRS Withholding Regulations .................................................................................................................... 28 8.11 BIN Information ......................................................................................................................................... 28 8.12 Lodging and Vehicle Rental Transactions ................................................................................................. 28
9. EQUIPMENT AND SOFTWARE .................................................................................................................. 29 9.1 Use of Equipment ....................................................................................................................................... 29 9.2 Purchase of Equipment .............................................................................................................................. 29 9.3 Lease of Equipment.................................................................................................................................... 29 9.4 Installation of Equipment ........................................................................................................................... 29
10. DEBIT CARDS ................................................................................................................................................. 29 10.1 Sponsorship ................................................................................................................................................ 29 10.2 Participation ............................................................................................................................................... 30 10.3 Compliance ................................................................................................................................................ 30 10.4 Payline and Debit Sponsor Rights .............................................................................................................. 30
11. EBT TRANSACTIONS .................................................................................................................................... 30 11.1 Definitions .................................................................................................................................................. 30 11.2 Issuance ...................................................................................................................................................... 30 11.3 EBT Procedures ......................................................................................................................................... 30 11.4 Additional Indemnification ........................................................................................................................ 30 11.5 Legal Process ............................................................................................................................................. 31
12. GUARANTY ..................................................................................................................................................... 31 12.1 Personal Guaranty ...................................................................................................................................... 31 12.2 Recourse ..................................................................................................................................................... 31 12.3 Status .......................................................................................................................................................... 31 12.4 Liability ...................................................................................................................................................... 31 12.5 Reinstatement ............................................................................................................................................. 32 12.6 Status .......................................................................................................................................................... 32 12.7 Representations and Warranties ................................................................................................................. 32 12.8 Additional Terms ....................................................................................................................................... 32
4
1. GENERAL INFORMATION
1.1 Introduction
Payline Data Services, LLC (“Payline”) has prepared this Merchant Guide (this “Guide”) for use by the
merchant (“Merchant”) who has entered or is entering into an agreement with Payline (“Merchant
Agreement”) for Payline’s payment processing services (“Services”). This Guide is designed to facilitate
compliance with the rules and requirements, safety and security, and effectiveness of the payment card
system provided as part of the Services. This Guide is incorporated into and made part of the Merchant
Agreement, and any failure to adhere to the requirements in this Guide shall constitute a breach of the
Merchant Agreement.
1.2 Definitions
Capitalized terms that are used but not defined in this Guide will have the meanings for such terms set
forth in the Merchant Agreement. Capitalized terms that are used in this Guide and not defined elsewhere
will have the following meanings:
(a) “Account” means Merchant’s depository account designated on the Merchant Application, or
such other account submitted by Merchant and approved by Payline and Bank.
(b) “Authorization” means a request submitted by Merchant in accordance with guidelines and Rules
issued by Payline, Bank, the Issuer, and the applicable Card Brands to verify that the Card has
been issued, is in good standing, and has an available balance or credit limit sufficient for the
requested amount.
(c) “Bank” means the financial institution selected by Payline as a sponsor of certain Services
provided to Merchant. The Bank applicable to the Services is the financial institution identified in
the Merchant Agreement, or such other financial institution as selected by Payline from time to
time in its sole discretion.
(d) “Card” means a valid credit, debit, prepaid, or other type of supported payment card bearing the
symbol of a Card Brand or an account number, token, or other credential validly issued by an
Issuer for the purposes of allowing a Cardholder to purchase goods or services over a Card
Brand’s network.
(e) “Card Brands” means Visa, Inc., MasterCard Incorporated, Discover Financial Services,
American Express Company, Diners Club International, Ltd., JCB International Co., Ltd., each
Debit Network, any other Card-sponsoring organization or association that contracts with Payline
and/or Bank to settle merchant sales transactions, and the subsidiaries, successors, and assigns of
the foregoing.
(f) “Cardholder” means the authorized holder of a Card.
(g) “Confidential Information” means all information regarding a Card, Cardholder, Payline, Bank,
Debit Sponsor, a Card Brand, or the Services, including: Card numbers, expiration dates,
verification codes, or other security codes; Cardholder names or identification numbers; Payline’s
and its vendors operations, application programming interfaces, systems, methodologies,
marketing strategies, customer lists, vendor lists, and guidelines; any usernames, passwords, or
other credentials issued or used in connection with the Merchant Agreement or the Services; the
terminal build file information; the merchant identification number issued to Merchant; all
reports, statements, and other documentation provided to Merchant by Payline or its
representative or otherwise made available to Merchant pursuant to the Merchant Agreement; this
Guide; the fees, expenses, and other pricing information established for Merchant pursuant to the
Merchant Agreement; all personally identifiable information; statements, invoices, and reports
5
provided or available to Merchant from Payline or its vendors; records; and all information
accessible or available to Merchant from Payline, including through any online merchant portal
made available to Merchant.
(h) “Debit Network” means each debit network through which transactions may be routed by
Payline, the Bank, and/or the Debit Sponsor. The Debit Networks may include, but are not
limited to Accel, NYCE, Pulse, Star, Shazam, AFFN, Interlink, Maestro, and CU24. The
supported Debit Networks may be changed by Payline and/or Debit Sponsor from time-to-time in
their sole discretion and without notice to Merchant.
(i) “Debit Sponsor” means Bay Bank FSB, a Maryland banking corporation or such other financial
institution selected by Payline from time-to-time, as a sponsor of debit Services provided to
Merchant.
(j) “EBT Rules” means Quest Operating Rules, as amended from time to time, issued by the
National Automated Clearing House Association as approved by the Financial Management
Service of the U.S. Treasury Department.
(k) “Include” or “Including” whether or not capitalized, mean including but not limited to.
(l) “Issuer” means the financial institution that issues a Card to a Cardholder.
(m) “Law” or “Laws” means all foreign, federal, state, and local laws, rules, and requirements,
including the requirements of any governmental agency or regulatory body and all judgments and
orders issued by a court.
(n) “Merchant Application” means the merchant application for payment processing services that
was submitted by or on behalf of Merchant for use of the Services, electronically or in writing,
including all information and/or documentation received in connection therewith.
(o) “PCI Requirements” means the then-current standards, requirements, guidelines, and practices
promulgated by the PCI Security Standards Council, LLC, including the Payment Card Industry
Data Security Standards and the Payment Application Data Security Standards.
(p) “Personal Information” means all information relating to a Cardholder or other person, including
their name, address, phone number, email, bank account, Card number, driver’s license, social
security number, transaction history, and all other personal or personally identifiable information
related to such person or their payment method.
(q) “Rules” means the then-current rules, requirements, standards, procedures, guidelines, and
procedures of each Card Brand and the PCI Requirements.
(r) “Voice Authorization Center” means the center hosted by Payline or its vendors which can be
contacted at (800) 291-4840.
1.3 Laws
Merchant is solely responsible for complying with all applicable Laws. In certain jurisdictions, the Laws
regarding Merchant’s business and/or payment acceptance may conflict with this Guide. If such conflict
occurs, the Law shall control with respect to the conflicting provision. Merchant must continue to comply
with all provisions in this Guide which do not conflict with the Law. Merchant will not take any action or
fail to take any action which would cause Payline, Bank, Debit Sponsor, or their vendors to violate any
Law.
1.4 Rules
Merchant is solely responsible for complying with all applicable Rules. If a conflict occurs between any
provision in this Guide and a Rule, the Rule shall control with respect to the conflicting provision.
Merchant must continue to comply with all provisions in this Guide which do not conflict with the Rules.
6
Merchant will not take any action or fail to take any action which would cause Payline, Bank, Debit
Sponsor, or their vendors to violate any Rule. Upon Merchant’s reasonable written request to Payline, a
copy of the Rules or a portion thereof may be provided to Merchant. The most common Rules are
accessible on the Card Brand’s and standards organizations’ respective websites:
American Express: https://www.americanexpress.com/
Discover: https://www.discovernetwork.com/en-us/
MasterCard: https://www.masterCard.us/en-us.html
PCI Security Standards Council: https://www.pcisecuritystandards.org/
Visa: https://usa.visa.com/
1.5 Merchant Responsibilities
Merchant is solely responsible for: (a) reading, understanding, and abiding by the terms of the Merchant
Agreement and this Guide; (b) remaining up-to-date on and compliant with all Rules and Laws; (c)
properly implementing and using the payment platform and all associated hardware and software; (d)
following industry best practices regarding payment acceptance; (e) immediately notifying Payline of any
modification to Merchant’s business or payment acceptance process, including any changes in its direct or
beneficial ownership, name, doing-business-as name, entity type, practices, sales methods, products,
services, tax identification numbers, card acceptance methods, or projected volume; and (f) cooperating
with Payline and Bank by promptly providing all information requested by Payline or Bank. The
information which may be requested by Payline includes, but is not limited to, the official and doing-
business-as names of Merchant, Merchant’s tax identification number, the names of each actual and
beneficial owner of Merchant, Merchant’s sales methods, Card acceptance methods, business hours,
projected volume, and any modifications to the foregoing, and any other information reasonably required
by Payline to verify Merchant’s Application or to verify compliance with the Merchant Agreement or any
applicable Laws or Rules.
1.6 Payline and Bank Responsibilities
Bank is primarily responsible for: the Merchant relationship; the establishment of all management and
operating policies relating to debit and credit card processing; the transfer of funds, including the
settlement of transactions; holding and managing the reserve accounts (as provided in the Merchant
Agreement); and maintaining sponsorship into the Card Brands. Payline is an agent of Bank for purposes
of the Merchant Agreement and the Services, and does not have access to any account for funds due to
Merchant or withheld from Merchant pursuant to the Merchant Agreement. Any services provided in
addition to the foregoing, or supplemental to the foregoing, will be provided by Payline or its vendors
(but not Bank) unless otherwise indicated. Additional terms and conditions may apply with respect to
such other services.
1.7 Updates to this Guide
This Guide may be updated by Payline at any time in its sole discretion, with or without notice to
Merchant. Merchant is responsible for monitoring this Guide for revisions and implementing any
modifications or changes needed to comply with this Guide prior to using any Services. The most recent
version of this Guide will be available through Payline’s online web-portal. An updated version of this
Guide may be provided to Merchant in hard copy upon Merchant’s reasonable written request to Payline.
1.8 Customer Service
Payline’s contact information is listed on the cover page to this Guide. Payline welcomes any questions or
concerns regarding the Services or this Guide. When contacting Payline’s customer support team, please
have the applicable Merchant identification number available so representatives can provide faster
assistance.
7
2. GENERAL CARD ACCEPTANCE PROCEDURES
2.1 Card Acceptance
Merchant must carefully design, implement, and maintain its process for accepting Cards. The method
and approach to accepting Cards has a substantial influence on the likelihood of fraud or chargebacks.
Merchant may elect to accept or not to accept certain Card Brand Cards (for example, those Cards
branded with the marks of Visa, Inc., MasterCard Incorporated, Discover Financial Services, or other
Card Brands) as set forth in the Rules applicable to each such Card Brand. In particular, Merchant may
elect to accept or not accept credit cards, debit/prepaid cards, or both of each such Card Brand by making
such election on the Merchant Application. Merchant may subsequently modify an election regarding
limited acceptance by providing written notice to Payline. Note, however, that any such election will not
be effective until Payline receives such written notice and has a reasonable time to act on it.
Merchant is solely responsible for monitoring the Cards it accepts at its location, and Payline may, but
will not be obligated to, process any transaction submitted, even if such transaction is using a payment
method which Merchant has elected not to accept. All relevant provisions in this Guide and the Merchant
Agreement will apply to each transaction submitted by Merchant and processed by Payline, even if such
transaction falls outside of Merchant’s acceptance scope, and Merchant will be charged the fees
corresponding to such transaction. Payline may also, at its sole discretion, decline or refuse to process any
transaction falling outside of Merchant’s acceptance scope.
If a Cardholder’s identification or the Card’s (or other financial transaction device’s) validity is uncertain,
Merchant must contact the Issuing Bank for instructions.
Merchant will not bill or collect from a Cardholder for any purchase or payment on a Card unless a
chargeback has been exercised, Merchant has fully paid for such chargeback, and Merchant otherwise has
the right to bill or collect from such Cardholder.
Merchant will ensure the Cardholder understands that Merchant is responsible for the transaction,
delivery of goods or provision of services, and for customer service and dispute resolution.
2.2 Transaction Processing
Merchant will submit all transactions for processing promptly, within twenty-four (24) hours or such
other timeframe specified by Payline policies, and in all cases within the timeframes set forth in the
Rules. Merchant will not submit any transaction which may damage the goodwill of a Card Brand or
negatively affect a Card Brands name, logo, or other trademarks. Merchant will only submit transactions
in the US, unless otherwise authorized in writing. Merchant will not submit any transaction that arises
from the acceptance of a Card at a scrip-dispensing terminal, unless expressly authorized by Payline in
writing.
2.3 Minimum/Maximum Transaction Amounts
Merchant may only set minimum and/or maximum transaction amounts for the use of a credit card if
permitted by the Rules and applicable Law, such amounts not to exceed those limitations set by the Rules
or Law. Minimum and maximum transaction sizes cannot be set for debit cards.
2.4 Collection and Retention of Personal Information
All Personal Information should only be collected and stored if permitted by Law and if such information
is required to fulfill a Cardholder’s transaction, such information is requested without regard to payment
method, or Payline or a Card Brand specifically request or require such information. Except as permitted
by Law, a Merchant may not require any Cardholder to provide any Personal Information as a
prerequisite or condition to any sale.
8
All Personal Information must be secured and protected in accordance with the data security requirements
set forth in this Guide and in the Merchant Agreement. To the extent Personal Information is received by
Merchant, Merchant should not store or otherwise record such Personal Information unless strictly
necessary for the transaction or as otherwise set forth in the Merchant Agreement, this Guide, or the
Rules.
2.5 Taxes
Any taxes that Merchant is required to collect must be included in the total transaction amount. Merchant
should never collect taxes separately in cash.
2.6 Merchant Descriptor
When Cardholders receive their monthly statement from their respective Issuers, each transaction entry
will state the merchant name, in addition to other relevant information. Accordingly, to ensure that
Cardholders recognize authorized transactions, it is critical that Merchant’s name is clearly identifiable to
the Cardholder.
Therefore, on its Application, Merchant must list its preferred “doing business as” (DBA) name, in
addition to the legal name of the Merchant entity. The Merchant DBA name may differ from the legal
name (which can represent the corporate owner or parent company), and may differ from the owner’s
name which, for sole proprietorships, may reflect the business owner. To verify that Merchant is using the
DBA name that is most recognizable to Cardholders, Merchant should ensure that the chosen DBA name
is displayed on Merchant’s signage, telephone directory listings, and marketing material.
Payline will determine how the merchant descriptor will be identified to the Cardholder and will consider
Merchant’s requested input into such decision. To minimize chargebacks, Payline recommends including
Merchant’s phone number in the descriptor field. The merchant descriptor will likely be formatted as
follows:
[Merchant DBA Name] [Merchant Phone Number]
2.7 Prohibited Transactions
Certain transactions are prohibited by the Card Brands. The processing of prohibited transactions may
result in termination of the Merchant Agreement, a chargeback, fines and assessments from the Card
Brands, and/or legal action against Merchant, among other potential consequences. Merchant must
identify and prevent prohibited or unlawful transactions from occurring. This obligation includes training
employees to accurately identify and prevent prohibited transactions.
Prohibited transactions include, but are not limited to:
• accepting a Card to collect or refinance an existing debt, previous Card charges, or for the
collection of a dishonored check or other prior payment method;
• accepting a Card for the payment of cash or a cash equivalent;
• accepting a Card for the purchase of scrip or any paper currency or a token issued for temporary
use;
• splitting a transaction, including to avoid Authorization requirements;
• submitting the same transaction more than once;
• submitting the same transaction to Payline and any other payment processor;
• any transaction for which the Cardholder’s authorization has been cancelled or revoked;
• transactions for goods or services not provided by Merchant or not set forth on the Merchant
Application;
• transactions for which an approved Authorization code has not been received;
• personal transactions by Merchant or its owners or executives, including use of a personal Card to
withdraw cash;
9
• transactions declined by the Voice Authorization Center; and
• resubmitted transactions previously charged back.
Certain classes of products and services are also prohibited under the Rules or applicable Law, or are
otherwise precluded by Payline. Merchant may not, in any circumstances, sell any prohibited or unlawful
product or service. Such prohibited products and services include, but are not limited to:
• Any products which would cause
Merchant to fall under merchant
category codes 5962 (direct marketing
travel related), 5966 (outbound
telemarketing merchant), 5967 (inbound
teleservices merchant), 7995 (betting-
lottery/casino chips/OTB), or 4813 (key-
entry telecom merchant).
• Any products that would require
Merchant to register with the Card
Brands as a high risk merchant.
• Any prohibited products and/or services
per Bank Underwriting Guidelines
(which may be updated by Bank at any
time).
2.8 No Laundering Transactions
Merchant will only submit to Payline transactions which result from the bona fide sale of goods and services
from Merchant to a Cardholder from its place of business set forth on the Merchant Application. Submitting
transactions or processing activity for a different business is strictly prohibited, and in many states such activity
constitutes a violation of the Law. Laundering schemes, in which a Merchant is paid or otherwise used to submit
or process transactions for a different person or company often result in substantial chargebacks and liability for
Merchant and are strictly prohibited.
2.9 No Waiver by Cardholders
Merchant must not transfer financial liability to any Cardholder or ask or require any Cardholder to waive the
right to dispute a transaction.
2.10 Returns
Merchant may not submit any return, refund, or other credit to Payline for processing which does not correspond
to the return of one or more items from a bona fide sales transaction between Merchant and a Cardholder. All
returns, refunds and credits issued by Merchant shall be in the same form as the payment received for the
underlying sale. For example, if a purchase was made using a particular Card, the return must be made by
crediting the same Card. Except to the extent the Rules provide otherwise, Merchant will not issue cash refunds
for purchases made with a Card or issue cash in exchange for Card transactions. Merchant will not submit a
credit transaction in exchange for cash, a check, or any other payment instrument. Merchant will not submit any
transaction for the purposes of obtaining or providing a cash advance or deposit of funds into its Account.
Any conditions or requirements associated with the return of merchandise to Merchant or the issuance of
refunds by Merchant must be clearly disclosed at the time of purchase and set forth on the order form or
transaction receipt using the required disclosure language set forth in the Rules. Merchant may not adopt return
or refund policies which discriminate against any Card Brand or payment type.
If a Cardholder seeks to exchange one or more goods purchased from Merchant, unless the values of the original
purchase and the item for which the original purchase is being exchanged are identical, it is a best practice to
issue a refund for the original purchase and process a sale for the new item, each of which shall be subject to and
10
in accordance with all requirements for refunds and for sales, respectively. Merchant must honor the return and
refund policy presented to the Cardholder in accordance with the Rules.
To process a return, Merchant should request the Card used in the original transaction and verify that the
number on the Card presented is identical to the account number on the transaction record. If the Cardholder
does not have the Card used in the original transaction, Merchant should use the name, Card number, and Card
expiration date on the transaction record for the refund. Credits should be entered and submitted in accordance
with the operating manual for Merchant’s point of sale device. Payline will have no obligation to process any
credits not properly received. If Merchant does not have a printer connected to its point of sale device, Merchant
must use an imprinter to capture Merchant’s Card and identification information and shall verify and ensure that
all such information is legible on all copies.
Merchant should track inventory and its customers and employees to prevent the “return” of items not
purchased.
2.11 Surcharges, Discounts and Convenience Fees
Unless prohibited by Law, Merchant may surcharge credit card transactions in accordance with the Rules.
Merchant must notify Payline and Bank (and if required by the Rules, each applicable Card Brand) at least thirty
(30) days prior to implementing any surcharge. Notice must be provided to Payline and the Bank in writing, and
may be provided to each Card Brand in accordance with the surcharge notification procedures established under
the Rules. Certain states may prohibit surcharges. Merchant is responsible for not imposing surcharges where
prohibited by Law.
Surcharges may be fixed or variable, but the same surcharge must apply to all credit card transactions or to all
transactions of the same credit product type. Merchant will prominently disclose all surcharges at its location
and during the checkout or payment process. Merchant must allow any Cardholder to cancel the transaction
during the checkout process after the surcharge has been disclosed.
Merchant may not exceed the maximum surcharge amounts allowed under the Rules (for example, the current
maximum surcharge for Visa and MasterCard is 4%). Merchant may also not levy a surcharge on any debit
transaction. The Rules may require Merchant to publicly disclose its surcharge practices to customers at the
store entry point and/or at the point of sale. All surcharge practices must be in compliance with applicable Laws
and Rules, and no surcharging activity may violate or circumvent any applicable Law or Rule. For information
on, and further links to, surcharge considerations, requirements, limitations and Card Brand surcharge
registration pages, please visit each Card Brand’s website.
Merchant may offer a discount or in-kind incentive as an inducement for a Cardholder to use a means of
payment that the Merchant prefers, provided that the discount: (a) is clearly disclosed as a discount from the
standard price; (b) is non-discriminatory, by providing the same discount for all Cards accepted; (c) does not
differentiate on the basis of the Issuer or the Card Brand; and (d) is in accordance with applicable Laws and
Rules.
If the Merchant Agreement permits Merchant to accept payments through an alternative payment channel,
Merchant may be eligible to charge a convenience fee, provided that the fee is:
• charged for a bona fide convenience in the form of an alternative payment channel outside Merchant’s
customary payment channels;
• disclosed as a charge for the alternative payment channel convenience;
• added only to a non-face-to-face transaction (note that if a mail order or electronic commerce
Merchant’s payment channels are exclusively non-face-to-face, such Merchant may not impose a
convenience fee);
• a fixed amount, regardless of the value of the payment due;
• applicable to all forms of payment accepted in the alternative payment channel;
• disclosed before the completion of the transaction (with the Cardholder having an opportunity to cancel
the transaction after such disclosure but before transaction completion);
• included as part of the total amount of the transaction;
11
• charged only to non-recurring transactions (convenience fees may not be added to recurring
transactions);
• not charged if a surcharge is already charged (a transaction may not include both a surcharge and a
convenience fee); and
• charged only by Merchant and not by any third party.
Not all transaction types are eligible to be surcharged or allow the charging of convenience fees. Similarly, not
all Merchants may surcharge or charge convenience fees. Prior to implementation, and on an ongoing basis,
Merchant must ensure its use of a surcharge or convenience fee complies with all Rules and Laws. If Merchant
has any questions regarding surcharges or convenience fees, Merchant should contact Payline for further
clarification.
2.12 Debit Cards
If Merchant elects to accept debit cards as part of its limited acceptance option, Merchant will display each
Debit Network logo at Merchant’s location in accordance with the applicable Rules for such Debit Network.
Merchants with a PIN pad should promote use of a PIN for debit transactions.
For each debit transaction, Merchant’s point of sale device must:
• provide a receipt to the Cardholder at the time of the transaction;
• be capable of reading the EMV chip, if the debit card contains an EMV chip, or otherwise all tracks on
the debit card’s magnetic stripe; and
• include an attached keypad to allow Cardholder’s entry of a PIN.
With respect to debit transaction, Merchant may not:
• ask any Cardholders to disclose their PIN number;
• require a Cardholder signature for an online PIN-debit transaction;
• impose a fee as a condition for accepting a debit card;
• provide cash back during an offline debit transaction; or
• set any minimum or maximum transaction amount for any debit transaction.
Merchant will honor all valid debit cards with terms at least as favorable as those under which Merchant accepts
any other Card. Copies of the records associated with each debit card transaction should be maintained for at
least seven (7) years after the debit transaction (or such longer period required by the Rules, Law, or Payline).
Additional requirements and guidelines for processing debit transactions are set forth below in this Guide.
2.13 Transaction Types
Each transaction processed has an associated transaction type recognized by the Card Brands. Merchant may
only process those transaction types designated by Merchant on the Application and for which Merchant has
been approved to use by Payline. For example, if Merchant has designated that it only accepts Card present
transactions on the Merchant Application, Merchant will obtain written approval from Payline prior to
submitting any Card not present transactions. All Card present transactions and Card not present transactions
must adhere to and comply with the respective sections for such transactions set forth in this Guide.
Each submitted transaction must have all required transaction information, including the Merchant’s name,
account number, location, Card account number (or a token generated through Payline’s Services), transaction
date, the Authorization number, the total amount of the sale (including taxes), and any other information
required based on the transaction method and type. Merchant’s failure to comply with this obligation may result
in Payline’s inability to process the transaction, chargebacks, higher interchange rates, or other fees and
expenses, all of which shall be the responsibility of Merchant.
2.14 Transaction Proceeds
Merchant will not, without Payline’s prior written consent, assign to any third party any payments due to it
under the Merchant Agreement or provide any third party with any interest in amounts receivable under the
12
Merchant Agreement. All transactions Merchant submits must be free of all liens, claims, and encumbrances,
other than ordinary sales taxes.
2.15 Restrictions
Payline and/or Bank may impose a limit on the periodic gross volume amount and/or per transaction volume
amount that Merchant may submit. Payline or Bank may modify any such limit at any time in their sole
discretion and Merchant will not submit any transaction which would cause Merchant to exceed such volume
limits. Processing limits will be communicated to Merchant in connection with the Merchant Agreement or
Merchant Application. If Merchant submits a transaction in excess of the volume limits established by Payline
and/or Bank, Payline and/or Bank may, at their sole discretion: (a) decline to process the transaction; (b) process
the transaction normally; (c) process the transaction but hold or place the proceeds of such transaction in a
Reserve Account held by Bank as security for Merchant’s obligations and liabilities under the Merchant
Agreement until all risk associated with the transaction, including risk of chargebacks or disputes, fully expires;
(d) return all transactions without processing them; and/or (e) assess over limit fees.
3. CARD PRESENT TRANSACTIONS
3.1 Card Present Background
Card present transactions consist of transactions in which the Cardholder and their Card or other payment
credential are physically present at the point of and time of sale. Merchant shall take the following steps with
regard to each Card present transaction:
• ensure the Card is valid;
• swipe the Card for magnetic stripe, insert the Card to read the EMV chip, or access the contactless
credential using near field communication, to request transaction Authorization; and
• use the point of sale equipment in accordance with its specifications or user manual (contact Payline if
any issues arise regarding the equipment).
Cards may not be used by any third party. Purported “authorization forms” or “letters of authorization” are not
sufficient to allow a third party’s use of a Card as sharing Cards is not permitted. Merchant should only process
Cards for the individual whose name is on the Card.
3.2 Fraud Prevention
Merchant should regularly inspect the equipment used by Merchant and use software security evaluation
methods to prevent devices such as skimmers from being used or phone or internet connections from being
tapped.
Merchant should use the fraud controls set forth in its point of sale device, which may include but are not
limited to requiring the Merchant to enter the last four digits of the account number and using EMV rather than
the magnetic stripe to read the Card. If Merchant’s point of sale equipment is unable to read an embossed Card,
Merchant may accept such Card as payment by using an imprinter in accordance with the Rules and this Guide.
If a non-embossed Card cannot be read by Merchant’s point of sale equipment, Merchant must request a
different form of payment.
Merchant should pay special attention to orders that leave out important information, orders in which the billing
and shipping addresses do not match, unusually large and international orders, and other orders which appear
unusual or suspicious.
Merchants should also pay special attention to Cardholders which attempt to distract the cashier, whether
through attempts to rush the checkout process or through complaints about the cashier or circumstances at the
store.
IMPORTANT: Merchant’s adherence to processes and procedures set forth in this Guide will not relieve
Merchant of any liability associated with any transaction, including but not limited to liability for any
13
chargeback. Merchant’s adherence to this Guide will neither guarantee that any transaction is valid or
authorized, nor guarantee that any transaction will not result in a chargeback.
3.3 Card Validity
Merchant will ensure each Card or other payment credential is valid. Merchant may use any means allowed by
the Rules and Law to verify the validity of each Card or other payment credential. This should minimally
include inspecting the security features and elements of each Card presented to Merchant, some of which are
described below.
Each Card should be smooth, even, and not discolored. If any Card is physically altered in any way it should not
be accepted and Merchant should request an alternative payment method. If any portion of a Card shows
evidence of tampering, including but not limited to the printed or embossed numbers, the magnetic stripe, the
EMV chip, or the signature panel, Merchant should request a different payment method. If any Card is too
damaged to be read, Merchant may ask for a different form of payment.
The following is a reference for Card attributes associated with various Card Brands:
• Visa. Visa Card account numbers begin with the number four (4) and the card number can be up to
nineteen (19) digits. A three-dimensional dove hologram should appear to move on the label as a Visa
Card is tilted. All digits should be clearly embossed and the same size and shape, however certain gift,
prepaid, and reloadable Cards may have the Card number printed but not embossed. The last four digits
of the account number should also be printed below the embossed Card number. The word “Visa”
should be written in blue and gold print and repeated in a diagonal pattern in the signature block on the
Card. The CVV2 (a three (3) digit code) should be printed on or next to the signature block of the Card.
An italicized “V” should appear by the Card expiration date.
• MasterCard. MasterCard Card account numbers begin with the number two (2), followed by a number
in the range two (2) to seven (7) inclusive; or the number five (5), followed by a number equal to or less
than five (5) inclusive. The name and account information may be embossed or printed, but should be
clear and uniform in size and spacing. The MasterCard logo showing overlapping globes and the
continents will appear as a hologram on the front or back of the Card and should appear three-
dimensional when the Card is tilted. The word MasterCard will appear in the background of this
hologram. If a four (4) digit number is printed on the Card, it should match the first four digits of the
account number. The word “MasterCard” will be printed at a forty-five (45) degree angle in the
signature block.
• Discover. Discover Card account numbers begin with the number six (6) and should be clear and
uniform in size and spacing. When placed under an ultraviolet light, the word “DISCOVER” should
appear on the front of the Card. The signature panel will read “VOID” if someone has attempted to
erase the signature. On the back of a Discover Card, the Card number should be followed by the
Cardholder identification data.
• JCB. JCB Cards may be processed through the Discover network. JCB Card account numbers begin
with the number thirty-five (35). All digits on the Card should be evenly spaced and uniform. The word
JCB will appear in ultraviolet ink on the bottom left corner of the Card under ultraviolet light. The first
four digits of each JCB Card should match the pre-printed number on the Card, and the signature panel
will have the text “JCB” in blue and green.
Please refer to Card Brand websites for the most specific and current Card attributes.
American Express: https://www.americanexpress.com/
Discover: https://www.discovernetwork.com/en-us/
MasterCard: https://www.masterCard.us/en-us.html
Visa: https://usa.visa.com/
14
For each Card presented to Merchant, Merchant should compare the last four digits of the account number
printed or embossed on each Card to the number set forth on the transaction receipt or other transaction
documentation generated by Merchant’s point of sale system after reading the EMV chip or magnetic stripe on
such Card. If the numbers match, Merchant may request Authorization. If the numbers do not match, Merchant
should call the Voice Authorization Center, tell the operator “code 10,” and follow the instructions provided by
the Voice Authorization Center operator. Merchant should also verify that the transaction date falls within the
dates during which the Card is valid.
3.4 Cardholder Identification and Verification
Merchant should identify the Cardholder and check the expiration date and signature on each Card. Merchant
must not honor any Card if: (a) the Card has expired; (b) the signature on the sales draft does not correspond
with the signature on the Card; (c) the account number embossed on the Card does not match the account
number on the Card’s magnetic stripe (as printed in electronic form); or (d) the Card was declined as a result of
an Authorization attempt. Merchant may not require a Cardholder to provide personal information, such as a
home or business telephone number, a home or business address; or a driver license number as a condition for
honoring a Card unless permitted by Law and/or the Rules.
3.5 Authorization
Merchant will request an Authorization response for each transaction. Certain transaction and Card information
is sent through Payline and the applicable Card Brand to the Issuer. The transaction may be approved or
declined by the Issuer. Payline has no control over whether the Issuer approves or declines a Card for any
transaction.
Merchant will obtain an Authorization for total amount of each transaction prior to the submission of such
transaction to Payline for processing. Merchant will not submit for processing any transaction for which
Merchant has not received an approved Authorization response, and all transactions with approved
Authorization responses must be submitted by Merchant to Payline within twenty-four (24) hours of such
Authorization, or such other time period as allowed by the applicable Card Brand for that transaction type.
Merchant acknowledges that a positive Authorization response does not relieve Merchant of its obligation to
verify the validity and authorization of the Card and Cardholder, nor does it constitute a representation,
warranty, or guaranty that: (a) the Card is valid or unexpired; (b) the person presenting the Card is an authorized
Cardholder; (c) the transaction will be accepted; (d) the transaction is not fraudulent; or (e) that the transaction
will not be charged back. Merchant will follow all instructions received during the Authorization process. Upon
receipt of an Authorization approval Merchant may consummate only the transaction authorized and must note
on the sales draft the Authorization number. Where Authorization is obtained and a transaction is submitted for
processing, Merchant will be deemed to warrant to Payline and Bank that it has verified the identity of the
person presenting the Card as the Cardholder and matched the Card to such Cardholder.
The most common Authorization responses are:
• Approved: This response means the Issuer has approved the transaction. The approval should be
automatically noted on the printed receipt; however, if an electronic printer is not used, the
Authorization code should be hand written onto the receipt.
• Declined or Card Not Accepted: This response means the Issuer did not approve the transaction.
Merchant should not process or submit any transaction which falls in this category. Merchant should
quietly inform the Cardholder that the Card has been declined and request a different payment method.
Merchant should not attempt to reauthorize the Card or authorize the Card for a smaller amount.
Merchant may, however, suggest that the Cardholder contact the Issuer for more information.
• Call: This response means the sales associate must call the Voice Authorization Center and follow the
operator’s instructions. If the Cardholder inquires about the process, Merchant may inform the
Cardholder that a voice Authorization is necessary to protect against fraud. In connection with each call
to the Voice Authorization Center, Merchant should be prepared to provide the operator with the
Merchant identification number, Cardholder account number, amount of the sale, and the expiration date
on the Card.
15
• Pickup: This response means the Issuer is requesting that the Merchant attempt to keep the Card rather
than return the Card to the Cardholder. Merchant should not, however, in any instance put themselves,
employees, customers, or any other person in danger; disturb the peace; or otherwise allow the situation
to escalate or turn violent.
If a response code is received which is not set forth above, Merchant should contact Payline or the Voice
Authorization Center for instructions on how to proceed. If an Authorization number is required, only use Voice
Authorization Center phone numbers provided directly to Merchant by Payline. Merchant should never use a
phone number provided by a Cardholder. If Merchant is ever unsure about the validity of a transaction or a
Card, Merchant should contact the Voice Authorization Center and state “code 10” to the operator. The operator
will assist Merchant with the transaction.
For debit transactions, a PIN may be required. Merchant should have the Cardholder enter the PIN on a PIN pad
that is compliant with all PCI Requirements and security requirements, including encryption requirements,
discussed in the security section of this Guide and in the Merchant Agreement. Signatures are not generally
required for PIN-debit transactions.
IMPORTANT: An “approved” Authorization does not guarantee that the Card is valid, that the transaction has
been authorized by the Cardholder, or that the transaction will not later be charged back. Merchant shall retain
all responsibility and liability associated with each transaction, even if such transaction has received an
“approved” Authorization response. Unless authorized by Payline in writing, Merchant shall only obtain an
Authorization for the full amount of the actual transaction (only select merchant types, such as hotels or car
rental businesses, are permitted to obtain Authorizations based on estimated amounts). Merchant shall not
request Authorizations for a small amount to check the status of a Card, and will be subject to misuse fees or
termination if Merchant does perform such status checks on Cards.
3.6 Receipt
Merchant should use an electronic printer to print the sales receipt and obtain the Cardholder’s signature on the
receipt. Merchant should retain a copy of each receipt and the related transaction documentation (but not
Personal Information) as protection against, and for use in, any dispute related to the transaction which may later
arise. Merchant should not modify a receipt or other transaction document after the transaction has been
completed.
Each receipt should be legibly imprinted with: (a) Merchant’s name, location and account number; (b) the
information embossed on the Card presented by the Cardholder (either electronically or manually, and truncated
if electronic); (c) the date of the transaction; (d) a brief description of the goods or services involved; (e) the
transaction Authorization number; (f) the total amount of the sale including any applicable taxes, or credit
transaction; and (g) adjacent to the signature line, a notation that all sales are final, if applicable.
Signatures. The signature on the receipt should be compared to the Cardholder’s signature on the Card. If the
signatures match, Merchant should return the Card and the Cardholder’s copy of the receipt. If the Cardholder’s
signature does not match the Cardholder’s signature on the Card and Merchant requests additional identification
information, such as a state issued driver’s license, Merchant should compare the name and signature on the
additional identification to those on the Card and receipt to evaluate if such signature matches. Also, if the
signatures do not match, or otherwise look suspicious, Merchant should ask for additional identification and call
the Voice Authorization Center to obtain further instruction before proceeding. If voice Authorization is used,
Merchant should handwrite the voice Authorization code provided onto both Merchant’s copy and Cardholder’s
copy of the transaction receipt. Note that signatures on receipts may not be required if the transaction receipt is
for less than certain dollar amounts, as permitted under the Rules.
Imprinting. If Merchant does not have a printer, Merchant may use an imprinter to create a transaction receipt
for an embossed Card. Merchant should place the Card face up on the imprinter and align the Card so that the
Card information and Merchant identification information will appear legibly on the sales draft. Move the
imprinter handle firmly across the transaction document and back. Verify that all imprinted information is
legible on all copies of the document. If any portion of the information is not visible or legible, destroy the
transaction document and use the imprinter to create a new one on which all information is visible and legible.
16
Use a ball point pen to enter the date, description of the merchandise or services, sales amount, approval code,
tax, total, and the sales associate’s initials or identification number. Have the Cardholder sign the receipt and
verify that the signature on the receipt matches the signature on the Card.
Truncation. All account numbers and certain identification information displayed on a printed receipt may be
subject to truncation requirements. The Card Brands require the truncation of the majority of the Card number
and expiration date, and Laws requiring the truncation of information vary based on jurisdiction. Merchant will
truncate all information requiring truncation under the Rules and applicable Law.
Retention. Merchant will provide a copy of each receipt and all related transaction documentation to Payline
upon Payline’s request. Requests related to a transaction are typically referenced by the transaction date,
Cardholder account number, and/or the transaction reference number. Therefore, Payline recommends Merchant
sort and store the receipts and other transaction documentation using these metrics. Merchant will retain all
copies of such documentation for at least seven (7) years, or such longer period of time required by Bank,
Payline, a Card Brand, or Law. The Card Brand required retention timeframes vary by Card Brand and are set
forth in the Rules for each.
No Multiple Receipts. Merchant shall not prepare more than one sales draft for a single sale or for a single item
and shall include all items or goods and services purchased in a single Transaction in the total amount on a
single sales draft except: (a) for purchases in separate departments of a multiple department store; (b) for
installment payments; or (c) for delayed or amended charges governed by the Rules for travel and entertainment
merchants and transactions.
3.7 Fallbacks and Forced Transactions
If a Card is equipped with an EMV chip, the transaction should be processed using the EMV chip rather than
through the magnetic stripe or keying in the transaction information. In most situations, the Cardholder inserts
the Card into the chip reader, not Merchant.
If the chip reader on Merchant’s point of sale device cannot read the Card’s EMV chip, the terminal should first
fall back to reading the Card’s magnetic stripe. Only if the magnetic stripe cannot be read should Merchant fall
back to key entry.
If an Authorization for an EMV-enabled Card is declined by the Issuer, the transaction must not be processed by
any other means, including but not limited to processing the transaction using the Card’s magnetic stripe.
Merchant will not allow any secondary Card reads (swiping of a Card) after an EMV chip is used to authorize a
transaction.
Note that while damage to the Card’s chip or magnetic stripe can happen accidentally, unreadable Cards may
also be a sign that the Card is counterfeit or has been altered. Therefore, be wary of Cards which cannot be read
by a point of sale device or for which the Cardholder requests the Merchant to key in the Card information. Such
transactions are more likely to be fraudulent or unauthorized, and thus have a greater likelihood of being
charged back. Merchants are more likely to see declines for fallback transactions than for valid EMV chip
transactions.
Any transaction authorized by phone must be subsequently entered into the point of sale system for processing.
Merchant shall follow the process for submitting a forced transaction set forth in the operating manual for
Merchant’s point of sale system. Merchant should ensure its staff is trained to follow the prompts on the
terminal to avoid higher levels of key-entered transactions. Merchant should contact Payline if Merchant is
having trouble entering this information or if Merchant’s point of sale system is not operating properly.
If Merchant’s terminal is unable to read either the EMV chip or magnetic stripe on the Card, Merchant must
obtain a phone Authorization (either via voice or automated response service, both of which may carry
additional fees) and Merchant must obtain an imprint of the Card and also obtain the Cardholder’s signature on
the imprinted sales draft before presenting the sales draft for processing. Failure to perform these additional
actions may result in the assessment of transaction surcharges or a rejected transaction. The pricing for each
voice Authorization is set forth in the Merchant Application.
17
3.8 Card Recovery
Merchant should use reasonable, best efforts and peaceful means to recover any Card if Merchant is advised by
Payline, Bank, the Issuer of the Card or the designated Voice Authorization Center to retain it, or if Merchant
has reasonable grounds to believe the Card is counterfeit, fraudulent or stolen, or not authorized by the
Cardholder.
IMPORTANT: The obligation or authority of Merchant to retain or recover a Card does not authorize a breach
of the peace or any injury to persons or property and Merchant will indemnify and hold Payline and Bank
harmless from any claim arising from any injury to a person or property, or other breach of the peace, in
connection with the retention or recovery of a Card.
4. CARD NOT PRESENT TRANSACTIONS
4.1 Card Not Present Background
All transactions which do not qualify as Card present transactions will be considered Card not present
transactions. Card not present transactions include mail order, telephone order, keyed, and e-commerce
transactions. Merchant will only accept and submit to Payline those Card not present transaction types which
Merchant has been approved by Payline to accept. Approval for all or certain types of Card not present
transactions is set forth on the Application, or will otherwise be conveyed to Merchant in writing by Payline.
If Merchant accepts both Card present and Card not present transactions, or if Merchant accepts more than one
type of Card not present transactions, Merchant will request from Payline one or more separate Merchant
identification numbers for use exclusively with each type of Card not present transaction. Merchant must clearly
identify each transaction by type, including identifying transactions which are e-commerce transactions.
4.2 Fraud Prevention
Merchant may, but is not required to (unless otherwise specified by Payline or required as part of a chargeback
reduction program) use verification of the Cardholder billing address or Card identification security features
(“CVV2” or “CVC2” or “CID”) to increase the likelihood that the Card is in the possession of the purchaser.
Certain Card Brands have additional online security tools to authenticate the Cardholder with their Issuer prior
to requesting an Authorization.
Merchant should pay special attention to orders that leave out important information, orders in which the billing
and shipping addresses do not match, unusually large and international orders, and other orders which appear
unusual or suspicious.
A substantial amount of fraud occurs in over-the-phone transactions. Merchant may want to avoid taking Card
numbers over the phone, if possible. For transactions involving the delivery of goods, Merchants should only
ship items to permanent addresses and avoid post office boxes, reception areas, or other areas in which tracking
becomes difficult if not impossible. For each transaction, Merchant should send to each Cardholder a copy of
the transaction receipt which is properly truncated.
IMPORTANT: Merchant understands that Card not present transactions tend to be higher risk transactions as
they are more likely to constitute fraud or be charged back. Merchant must follow the processes and procedures
related to each Card not present transaction set forth in this guide. Note that Merchant’s adherence to processes
and procedures set forth in this Guide will not relieve Merchant of any liability associated with any transaction,
including liability for any chargeback. Merchant’s adherence to this Guide will neither guarantee that any
transaction is valid or authorized, nor guarantee that any transaction will not result in a chargeback. Similarly,
any “approved” Authorization obtained in connection with a Card not present transaction does not guarantee
that the Card is valid, that the transaction has been authorized by the Cardholder, or that the transaction will not
later be charged back. Merchant shall retain all responsibility and liability associated with each transaction, even
if such transaction has received an “approved” Authorization response.
18
4.3 E-commerce Transactions
In connection with any transaction processed through Merchant’s website, Merchant’s website must contain the
following information in a manner that is readily apparent and available to the Cardholder, along with any other
information required by Payline or by the Rules or applicable Law:
• Merchant’s address (including but not limited to country of domicile);
• a complete and accurate description of the goods and services offered;
• return and refund policy (which must also be displayed on the checkout screen, not on a separate
screen);
• Merchant’s privacy policy;
• the type and method of security used during the transaction process;
• contact information for Merchant’s customer service;
• applicable transaction currency;
• Merchant’s delivery policy; and
• the Card Brand marks, displayed in accordance with the Rules.
Merchant is advised to implement security measures associated with the acceptance of transactions through its
website, including but not limited to velocity limiters (to prevent any one person or IP address from attempting
more than a set number of transactions within a fixed time period), captchas (to verify that a person is engaging
in the transaction), Cardholder validation tools, transaction filtering metrics, transaction size limitations, and
security solutions offered by the Card Brands such as Verified by Visa, MasterCard SecureCode, 3-D Secure
software, or others.
4.4 Mail and Telephone Orders
With respect to each transaction conducted by mail or telephone, Merchant shall obtain the Cardholder’s name,
Card account number, and expiration date. Each of these shall be recorded on the transaction documentation.
Merchant shall also obtain the Cardholder’s billing address, zip code, and CVV2, CVC2, or CID. Merchant may
under no circumstances record or retain the CVV2, CVC2, or CID, and shall only use such information to obtain
an Authorization.
On the receipt or other transaction documentation, Merchant will identify the goods or services sold, the total
price for such goods or services, and whether the order is a mail order or telephone order. Merchant will not
submit any transaction until the goods or services are shipped or performed.
Merchant will not submit any transaction to Payline for processing which has not been authorized in writing (for
mail order) or verbally (for telephone orders) by the Cardholder. Merchant will not submit any transaction to
Payline if the Cardholder’s authorization for such transaction has been revoked.
Merchant will enter all such transaction information into Merchant’s point of sale equipment in accordance with
the operating manual for such point of sale equipment. Merchant will provide a copy of the transaction receipt to
the Cardholder. Each transaction receipt will contain the Cardholder’s name, Card number, Card expiration date,
total cash price, description of the goods and services; and indicate the type of transaction (such fields to be
truncated as appropriate under the Rules and applicable law). Merchant will keep a copy of the transaction
documentation for seven (7) years after the transaction date, or such longer period of time required by the Rules
or Payline’s policies.
4.5 Recurring Payments
A recurring payment is an arrangement under which the Cardholder authorizes Merchant to charge the
Cardholder’s Card for pre-authorized amounts and/or at pre-authorized times. Recurring payments may be set
up or authorized in person or in a Card not present environment, but all transactions associated with a recurring
payment will be considered Card not present. To the extent the amounts and/or times for a recurring payment
are not pre-authorized, Merchant will send the Cardholder a written statement or receipt setting forth the amount
of and due date of each payment at least thirty (30) days prior to the transaction date, or such longer period of
time required by the Rules or applicable Law.
19
All requirements for a mail order/telephone order in this Guide must be met for each recurring payment.
Merchant must obtain from the Cardholder an order from with a written request for the goods or services to be
charged, which bears the Cardholders signature and the Cardholder’s authorization to charge the Card. The
phrase “recurring payment” must be displayed on the signature line of each recurring transaction receipt.
Merchant must retain the order form for at least the time during which the recurring services are provided and
for seven (7) years thereafter. The order forms used for recurring payments should specify:
• the transaction amount (unless the amount is variable and cannot be determined when the order form is
completed, in which case they will specify how the transaction amount is calculated);
• the frequency of the recurring charges; and
• the duration of time for which the Cardholder’s permission is granted.
With respect to each recurring transaction:
• a separate Authorization must be obtained;
• only authorized payment transactions resulting in “approval” Authorizations may be submitted (and no
transaction may be submitted after Cardholder authorization has been revoked);
• Merchant may not use the Card number except to submit the recurring payments;
• each recurring payment must be identified as such;
• each statement and transaction submission data must contain Merchant’s contact information in the
name or city field;
• the transaction receipt must contain the frequency and duration of the recurring payments; and
• if applicable, the payment must be identified as a bill payment in the transaction submission and
clearing process using the bill payment indicator.
Merchant may not do any of the following respect to recurring transactions:
• submit the transaction after the Cardholder has revoked authorization for such recurring payment;
• structure the recurring payment in a way which is confusing, or which, when at the time authorized, is
unclear to the Cardholder that a recurring payment is being authorized;
• charge a convenience fee;
• receive partial payment for goods or services purchased in a single transaction; or
• be submitted unless an “approved” Authorization code is received.
4.6 Future Delivery and Installment Transactions
Merchant may not present for processing any transaction representing a payment, partial payment or deposit for
goods or services to be delivered in the future, except with the prior written consent of Payline or as allowed
under the Rules and applicable Law. Unauthorized transactions for payment or partial payment of goods or
services to be delivered in the future may subject Merchant to penalties and/or assessments, and will be deemed
a breach of the Merchant Agreement.
If transactions for future delivery are authorized by Payline, Merchant must maintain sufficient working capital
to provide for the delivery of goods or services at the agreed-upon future date, independent of any credit or
proceeds resulting from the transaction, and Merchant may not rely on any proceeds or credit resulting from
such transactions to purchase or furnish goods or services. Merchant will complete and submit such transactions
only in accordance with the terms set forth in the Merchant Agreement, the Rules, and applicable Law.
Cardholders must obtain an Authorization for each payment, including a first transaction for paying a deposit
and a second transaction paying the balance of the amount due to Merchant. Merchant will indicate on the
transaction receipt the words “deposit” or “balance” as appropriate. Merchant may not submit a transaction or
receipt labeled “balance” until the goods have been delivered to Cardholder or Merchant has fully performed the
services.
20
4.7 Health Care Transactions
Merchant will not submit preauthorized healthcare transactions or transactions involving any health savings plan
unless such transactions are submitted in accordance with the Rules and Merchant has provided Payline with at
least fifteen (15) days prior written notice that it will be submitting such transactions.
4.8 Receipts
Merchant must generate, retain a copy of, and provide to the Cardholder a copy of a transaction receipt for each
Card not present transaction. Each transaction receipt must include:
• Merchant’s name (including any DBA or other name for Merchant which is recognizable to the
Cardholder);
• the purchaser’s name;
• Merchant’s customer service contact information, including but not limited to a locally accessible phone
number;
• a description of the goods and services;
• the transaction amount;
• the transaction date;
• the transaction type;
• a transaction number;
• an Authorization code;
• Merchant’s return/refund policy;
• Merchant’s website address;
• if applicable, the date any free trial period ends;
• any terms and conditions associated with the transaction; and
• any applicable cancellation policies.
Merchant will truncate all information on the receipt which requires truncation in accordance with the Rules and
applicable Law. Merchant may not modify any receipt or other transaction document after the transaction has
been completed. Merchant should supply the Cardholder with a copy of the transaction receipt for each
transaction at the time the purchased goods are delivered or the services are performed.
5. AMERICAN EXPRESS
5.1 Rules
In addition to the other American Express Rules, Merchant must comply with the then-current American
Express Merchant Operating Guide, which sets forth certain American Express card acceptance criteria,
Merchant responsibilities, and other information relevant to the processing of American Express cards. The
American Express Merchant Operating Guide may be accessed through the American Express website or by
visiting: www.americanexpress.com/merchantopguide.
Merchant agrees that American Express is a third party beneficiary to the Agreement and this Guide, which
means American Express has no obligations under the Agreement or this Guide, but may enforce the terms of
the Agreement and this Guide against Merchant.
Merchant may opt out of accepting American Express cards at any time without directly or indirectly affecting
its rights to accept any other cards or payment methods. If requested by American Express or Payline’s third-
party providers, or if fraudulent or other harmful activity occurs, Payline may terminate a Merchant’s ability to
accept American Express cards without prior written notice to Merchant.
5.2 Settlement and Information Sharing
By accepting American Express cards, Merchant consents to the settlement of funds from such cards from
Payline or its vendors, and/or directly from American Express. Merchant also consents to Payline’s disclosure
of Merchant, Merchant’s transaction information and data, and all other information regarding Merchant to
21
American Express. American Express may use such information to perform its obligations and services,
promote the American Express Network (as defined in the Rules), perform analytics, create reports, and any
other lawful business purpose, including without limitation commercial marketing purposes and transactional or
relationship communications. American Express may also use such information to screen and/or monitor
Merchant in connection with its marketing and administrative purposes.
Merchant may elect to opt out of receiving certain marketing messages from American Express by providing
written notice of such election to Payline. Merchant may continue to receive marketing communications while
American Express updates its records to reflect its choice. Opting out of commercial marketing
communications from American Express will not preclude Merchant from receiving important transactional or
relationship messages from American Express.
5.3 Conversion
If Merchant has estimated American Express charge volume greater than one million dollars ($1,000,000),
whether upon submission of the Merchant Application or anytime thereafter due to growth, with respect to
American Express transactions Merchant may be converted from the Agreement to a direct American Express
card acceptance relationship with American Express. Upon such conversion, Merchant will be bound by
American Express’ then-current card acceptance agreement and American Express will set the pricing and other
fees payable by Merchant for acceptance of American Express cards.
6. DATA SECURITY
6.1 Merchant Obligations
Merchant is solely responsible for adopting policies, procedures, tools, software, and practices necessary to
prevent the unauthorized access or use of Personal Information and other confidential information, including but
not limited to each Cardholder’s name, address, phone number, email address, Card number, and Card
expiration date.
Merchant agrees to adhere to the data security requirements of the Card Brands, including but not limited to
Visa’s Cardholder Information Security Program (detailed in the Visa Rules), MasterCard’s Site Data Protection
Program (detailed in the MasterCard Rules), and American Express’s Data Security Operating Policy, Data
Security Requirements, and Information Protection Contract Requirements (each as detailed in the American
Express Rules). Merchant shall fully comply with all PCI Requirements. Merchant shall ensure that all third-
party suppliers and vendors used by Merchant, and all software and equipment used by Merchant, fully comply
with PCI Requirements. Merchant will be liable for, and will fully indemnify, defend, and hold Payline and
Bank harmless against, any failure of Merchant or any third-party suppliers or vendors used by Merchant to
comply with the PCI Requirements (including without limitation against any fees, fines, penalties, or
assessments levied by any Card Brand).
6.2 Security Measures
Merchant shall design its systems with multiple security measures, such that if any one security measure fails all
data will remain protected under additional security measures and that such data will not be subject to
unauthorized access or use.
Merchant’s security measures must include, but are not limited to:
• using tools preventing internet sessions from being redirected to unauthorized websites;
• using strong encryption and cryptography methods;
• securing all communications between Merchant and the Cardholder;
• storing material containing Card information and account numbers, whether on paper or electronically,
in a secure area only accessible by selected personnel;
• ensuring databases containing Personal information are only accessible by authorized persons (note that
static passwords are not sufficient for this purpose);
• using multi-factor authentication techniques for the access of data;
22
• not storing Card (or other financial transaction device) verification data subsequent to the authorization
of a transaction;
• not retaining full-track magnetic strip data subsequent to authorization;
• preventing users from entering or executing unrestricted database or system commands; and
• only originating customer support functions from secured computers on secured networks.
Merchant must, prior to accepting any transactions through electronic means or submitting any transaction to
Payline, and continuing as long as Merchant is using the Services:
• implement network access controls that prevent the systems holding Personal Information (or which
otherwise have access to Personal information) from being directly accessible from the internet;
• implement security measures to prevent the opening or running of emails or attachments from unknown
sources;
• test any software or equipment modifications prior to the implementation of such modification to ensure
the modification does not adversely affect any security measures in place;
• evaluate and test its hardware and software on a routine basis to evaluate the sufficiency of its data
security processes and procedures;
• install and maintain a working network firewall;
• keep all software and hardware current with security patches and firmware upgrades;
• encrypt stored data;
• encrypt transmission of Cardholder data;
• use up-to-date antivirus software;
• restrict access to data to those employees with a need to know such data;
• assign unique identification numbers to each user and track data access be each such user;
• update passwords to non-default and difficult to guess combinations of letters, numbers, and symbols;
• maintain and enforce a security policy; and
• restrict physical access to Cardholder information.
IMPORTANT: Adherence to the above security measures does may not constitute Merchant’s adherence to the
PCI Requirements, and such data security obligations, processes, and procedures are in addition to and not in
lieu of Merchant’s obligation to comply with all PCI Requirements. Merchant understands that Merchant’s
compliance with the security measures above and the PCI Requirements does not constitute a representation,
warranty, or guaranty with regard to the security or accessibility of Merchant’s systems, and that a data breach,
the unauthorized access or use of data, or the unauthorized access or use of the Services may still occur.
Merchant will be solely responsible and liable for any such data breach or the unauthorized access or use of data
or the Services.
Merchant must immediately report to Payline any actual or suspected data breach or other unauthorized access
or use of confidential information, transaction information, Card information, or other personally identifiable
information.
6.3 Truncation
Merchant will truncate all information produced, transmitted, held, or stored in accordance with the Rules and
applicable Laws, including but not limited to the truncation of the account number and the Card expiration date
on the Cardholder’s copy of each transaction receipt. Certain jurisdictions may require the truncation of the
account number and Card expiration date on the documentation and receipt copy retained by the Merchant. If
Merchant does business in such an area it must fully comply with such truncation Law.
6.4 Personal Information
Merchant will not access or use, nor allow any third party to access or use, any Cardholder’s account number,
other than Payline, Bank, and the Card Brands. Merchant shall only use those third-party service providers for
loyalty programs, fraud control programs, and other programs, products, and services which interface with, use,
or can access data from Merchant’s payment systems if such third-party service providers have been approved
by Payline in writing. To the extent any such third party is used, Merchant must ensure that Merchant
23
contractually retains legal control of all Personal Information and all other confidential and payment information
and that such third party complies with all PCI Requirements (including registration with the Card Brands and
the installation and maintenance of such third party’s software or hardware by an appropriately registered and
licensed personnel).
Merchant may not for any reason, including but not limited to bankruptcy, insolvency, or other suspension of
business operations, sell, transfer, purchase, or otherwise exchange or disclose materials that contain Personal
Information, Card information, or other confidential payment information of any Cardholder. Notwithstanding
the foregoing, Merchant may disclose such information to Payline and Bank as necessary to complete a
transaction or comply with applicable Law.
Merchant should not list a Cardholder’s phone number, driver’s license number, or any other confidential
information on the transaction receipt (except to the extent required by the Agreement, this Guide, or the Rules)
and, to the extent Merchant’s collection of such Personal Information is permitted under the Merchant
Agreement, this Guide, and the Rules, it must be protected by Merchant from unauthorized access or use. All
documents containing Personal Information or other sensitive or confidential information must be securely
disposed of. This includes, but is not limited to, industrial grade shredding of all tangible documents containing
such Personal Information or confidential information and such other methods to ensure the information is
unreadable prior to discarding such information. Merchant will ensure that the account number or other Personal
Information or confidential information is not transmitted to the Cardholder over the internet or on the
transaction receipt, except to the extent required by the Agreement, this Guide, or the Rules.
6.5 Security Audits
Merchant must, within sixty days of the effective date of the Merchant Agreement, and annually thereafter, use
Payline’s security program or a Payline-approved third-party qualified security assessor to evaluate Merchant’s
compliance with security protocols and PCI Requirements. Merchant must promptly submit a copy of the
assessment results and certification of compliance to Payline. Merchant understands that such assessments and
compliance certificates are based largely on self-reported information and do not guarantee Merchant’s
compliance with the PCI Requirements. Merchant’s completion of such assessments or receipt of compliance
certificates do not constitute Merchant’s fulfillment of all of Merchant’s security obligations under this Guide.
Failing to complete such assessment or submit such certification will result in Merchant being assessed PCI
Non-Compliance fees as set forth in the Merchant Application.
6.6 Privacy Policy
If Merchant sells goods or services on the Internet, Merchant’s web site must contain Merchant’s consumer
privacy policy and a description of Merchant’s method of safeguarding consumer transaction data. Merchant
will ensure that its privacy policy enables Merchant to share payment information and other information with
Payline, Bank, Debit Sponsor, and the Card Brands as required under the Agreement, this Guide, and the Rules.
6.7 Passwords
If Merchant receives a password from Payline or Bank to access a transaction system or gateway, Merchant
shall: (a) keep the password confidential; (b) not allow any other entity or individual to use the password or gain
access to such systems; (c) be liable for all action taken by any user of the password; and (d) promptly notify
Payline and Bank if Merchant believes the confidentiality of Payline’s or Bank’s systems or Merchant’s
information (including the credential) has been compromised.
6.8 Confidential Information Treatment
Merchant is solely responsible for preventing the unauthorized access or use of all Confidential Information
which Merchant receives, processes, stores, transmits, or to which Merchant otherwise has access. Upon
termination of the Agreement, all information not required to be retained by Merchant under the Merchant
Agreement, this Guide, the Rules, or Law, must be returned to Payline or securely destroyed, and Merchant will
not retain any copies, reproductions, excerpts, or derivative works thereof. With respect to all Confidential
Information which merchant is required to maintain under the Merchant Agreement, this Guide, the Rules, or
the Law, Merchant’s confidentiality obligations set forth in the Merchant Agreement and this Guide shall
24
survive termination of the Agreement and upon the expiration of Merchant’s obligation to maintain such
Confidential Information, Merchant will return or securely destroy such Confidential Information and will not
retain any copies, reproductions, excerpts, or derivative works thereof.
6.9 Trade Secrets
Payline and Bank, through the expenditure of a significant amount of time, effort, cost, and research, developed
and secured the right to use various computer programs, forms, logos, manuals, and related materials, which
constitute property of great value and trade secrets, and that disclosure to others of such materials may result in
loss and/or irreparable damage. Merchant further acknowledges that the system in its entirety constitutes a trade
secret which is revealed to Merchant in confidence. Accordingly, Merchant agrees to hold and use any and all
such property or information regarding the system in confidence, and not to disclose, reveal, copy, sell, transfer,
sub-license, assign, or distribute any part of it, in any form, to any individual, firm, corporation, or other entity,
nor permit any of its employees, agents, or representatives to do so, except as required to fulfill its obligations
under the Merchant Agreement or otherwise expressly permitted in writing by Payline or Bank. The Merchant
further agrees that upon termination of the Merchant Agreement for any reason, it will immediately return all
such property to Payline and/or Bank, as applicable. Pursuant to the Defend Trade Secrets Act of 2016, the
parties understand that an individual may not be held criminally or civilly liable under any federal or state trade
secret law for the disclosure of a trade secret that: (a) is made in confidence to a federal, state or local
government official, either directly or indirectly, or to an attorney; and solely for the purpose of reporting or
investigating a suspected violation of law; or (b) is made in a complaint or other document that is filed under
seal in a lawsuit or other proceeding.
7. AUDITS AND MONITORING
7.1 Finances
Merchant will, on an annual basis or more often upon Payline’s request, provide Payline with a copy of
Merchant’s most-recent financial statements (including accompanying notes and disclosures), tax returns, and
bank statements. If available, Merchant shall submit audited versions of its financial statements, provided that if
audited statements are not available Merchant will have its CEO and CFO (or equivalent) certify that such
statements are accurate, complete, prepared in accordance with U.S. Generally Accepted Accounting Principles,
and not misleading. Merchant will provide prior written notice to Payline of any event which will or could have
a material adverse effect on Merchant’s financial condition or ability to operate as far in advance as reasonably
possible under the circumstances. In all cases, Merchant will provide written notice to Payline upon such events
or circumstances, including any bankruptcy, receivership, insolvency, lawsuit, or any similar condition or action
by or against Merchant or its principals. Merchant will include Payline and Bank as creditors in the event of any
bankruptcy. The Merchant Agreement constitutes an executory contract to extend credit or financial
accommodations and cannot be assumed or assigned in the event of bankruptcy. In the event of Merchant’s
bankruptcy, Payline and Bank shall be entitled to suspend further performance under the Merchant Agreement.
7.2 Inquiries and Inspections
Merchant authorizes Payline, Bank, and their agents to perform background investigations and credit checks on
Merchant and its principals upon submission of the Merchant Application, any time during the term of the
Merchant Agreement, and after termination of the Merchant Agreement for as long as any amount is owed to
Payline or Bank. Merchant represents and warrants that it has obtained all authorizations, consents, and
approvals necessary to provide such authorization to Payline. Payline, Bank or their agents may, at any time and
without prior notice, inspect Merchant’s locations, business operations, systems, processes, procedures,
inventory, equipment, books, records, licenses, and security (“Records”) to ensure that Merchant is complying
with the Merchant Agreement, this Guide, and the Rules.
7.3 Audits
Merchant authorizes Payline, Bank and each Card Brand to, at any time, directly or through a third party, audit
Merchant’s Records to confirm Merchant’s compliance with the Merchant Agreement, the Rules, and applicable
25
Laws. Merchant will allow Payline, Bank, and each Card Brand, or their designated representatives to access,
evaluate, inspect all Records and to make any copies of reproductions thereof as deemed appropriate by the
auditor.
7.4 Cooperation with Audits
Merchant will fully cooperate with Payline, Bank and each Card Brand, including in connection with any fraud
risk, illegal activity, or risk of loss identified by Payline, Bank or a Card Brand. Merchant shall fully cooperate
with all security investigations and audits conducted by Payline, Bank, the Card Brands, or other applicable
authorities (including without limitation governmental agencies) until completed. Merchant will take those
actions Payline, Bank or a Card Brand deem necessary to protect themselves, their members, and Cardholders.
Payline, Bank and the Card Brands will have no liability to Merchant for any action taken in good faith.
7.5 Information
Merchant shall keep a complete, well-documented file containing Merchant Records and copies of all
transaction receipts and other information required to be maintained by Merchant, including any information
connected to any investigation, for the term of the Merchant Agreement and at least seven (7) years thereafter,
unless required to previously destroy such information by Law or the Rules, in which case Merchant shall
securely retain such information for the maximum period of time allowed by Law and the Rules. Merchant
agrees to supply any Records, information, or other documents requested by Payline, Bank or a Card Brand to
such entity upon request, including but not limited to any transaction documentation, operational procedures,
financial statements, product details, and sales methods.
7.6 Monitoring
At sole discretion of Payline and Bank, if Merchant’s type of business is deemed a compliance risk, Bank or
Payline may enroll Merchant in a third-party risk monitoring service (“Monitoring Service”) at the sole expense
of Merchant. Merchant will either be notified in advance of underwriting approval of enrollment in Monitoring
Service and related expenses, or notified no less than 30 days in advance if Merchant has an open merchant
account with Payline and Bank. Refusal of Merchant to enroll in a Monitoring Service when mandated by
Payline or Bank may be cause for declining the Merchant Application or termination of the Merchant
Agreement.
8. ADDITIONAL POLICIES AND PROCEDURES
8.1 Third-Party Service Providers
Any third party used by Merchant in connection with any of the Services, or which otherwise has access to any
Personal Information or other Cardholder data must be registered with the Card Brands and comply with the
Rules. Merchant will use qualified integrators and resellers where required by the Rules. Merchant will not use
any third party which is not properly registered with the Card Brands. Further, Merchant assumes full
responsibility for, and all liability associated with or resulting from, the use of and the actions and omissions of
any third party used by Merchant, including liability for the actions, omissions, and data security of such third
party.
Merchant will ensure each third-party service provider it uses does not have access to any Card information,
Cardholder information, or Confidential Information unless: (a) such third party is properly registered with the
Card Brands; (b) such third party is compliant with all PCI Requirements; (c) Merchant has informed Payline of
its use of such third-party service provider; and (d) Payline has approved Merchant’s use of such third party.
Payline will not be obligated to accept or process transactions delivered by an unauthorized third-party service
provider. Payline’s approval of a third party for Merchant’s use will not: constitute a representation, warranty,
or guaranty with respect to such third party, including its suitability, services, performance, or compliance with
the Rules, PCI Requirements, or Law; or relieve Merchant of any responsibility or liability related to or arising
from such third party or the acts, omissions, or data security of such third party.
26
8.2 Hold Period
Payline may at any time set or adjust the settlement holding period, which is the period of time Payline retains
the proceeds of Merchant’s submitted transactions prior to provisionally crediting the portions of amounts due to
Merchant into Merchant’s bank account. The hold period may be up to the full period of time during which any
transactional activity by Merchant: may be charged back by the Cardholder or Issuer; is subject to investigation;
or is subject to risk which may result in the proceeds being seized, contested, or otherwise not settled.
8.3 Payments
Merchant will ensure that its Account is at a financial institution which accepts ACH transactions, and that the
Account at all times has adequate funds to cover all amounts due to Payline and Bank, under the Merchant
Agreement or otherwise, including the amounts necessary to cover all fees, fines, assessments, and chargebacks.
Merchant will not modify or change the Account without providing at least thirty (30) days prior written notice
to Payline.
Payline may, at its sole discretion, deduct all amounts due from Merchant to Payline from the proceeds of
transactions submitted by Merchant, whether such amounts are due under the Merchant Agreement or any other
agreement, prior to the final settlement of such transaction proceeds. Alternatively, Payline may, at its sole
discretion, deposit all proceeds from transactions processed by Payline on behalf of Merchant into the Account
and withdraw from the Account those fees and other amounts due to Payline, whether such amounts are due
under the Merchant Agreement or any other agreement.
Payline and/or Bank may withhold settlement of the proceeds of any transaction from Merchant until all risk of
the transaction being charged back, contested, or reversed has expired, including instances where Payline or
Bank believes the transaction: (a) violates or may violate any Rule or Law; (b) is in violation of the Merchant
Agreement or this Guide; (c) is not a valid transaction; (d) is not submitted in accordance with Payline’s or
Bank’s protocols, specifications, and guidelines; (e) is likely to result in a chargeback, loss, penalty, fee, or fine;
(f) does not fall within the parameters set forth on the Merchant Application and for which Merchant has been
approved; (g) would cause Merchant to exceed the transaction count, gross volume amount, or transaction
volume amount limits established by Payline or Bank for Merchant; (h) is fraudulent or materially varies from
the transaction activity expected from Merchant; (i) does not result from an act between the Cardholder and the
Merchant; or (j) would exceed any other limitations or restrictions established for Merchant. All deposits of
transaction proceeds to the Account are provisional and may be revoked at any time by Payline and/or Bank
without notice to Merchant, including if Payline and/or Bank do not receive payment for such transaction or
such transaction is credited, charged back, disputed, or otherwise reversed by the Cardholder, Bank, the Issuer,
any Card Brand, or any other person or entity.
8.4 Chargebacks
Chargebacks are processed transactions disputed by the Cardholder or Issuer or otherwise reversed in
accordance with the Rules. Merchant is responsible for the amount of each chargeback and the chargeback fee
set forth in the Merchant Application, including any chargebacks resulting from transactions not being
performed in accordance with the Merchant Agreement or this Guide or in connection with goods or services
purchased with an altered terminal or other transaction device. This amount may, at Payline’s sole discretion,
be: withdrawn from the Account immediately or at the time of any future settlement; offset against transaction
proceeds or other amounts owed to Merchant; or deducted from any funds or collateral held by Payline or Bank
(including any reserve account). Merchant is solely responsible for resolving all disputes with a Cardholder, but
will comply with the Rules regarding contesting chargebacks and will not bring action against a Cardholder until
the chargeback dispute processes has concluded.
Merchants may rebut the chargeback through the Card Brand chargeback dispute procedures. To rebut a
chargeback, Merchant must provide sufficient documentation evidencing that the transaction was valid and
authorized. Any such rebuttal must be completed within the number of days set forth on the chargeback
notification. Payline will be unable to assist Merchant with the rebuttal of a chargeback if Merchant is unable to
provide the documentation or support requested or required in the rebuttal process to Payline within the
appropriate timeframes. Payline has no control over the outcome or decision determined through the chargeback
27
dispute procedures and will have no liability or responsibility with regard to outcomes or decisions which are
unfavorable.
Merchants can decrease chargebacks by not: charging a Cardholder before fulfillment of the transaction;
accepting sales for a Card that has been declined; processing the same transaction more than once; accepting a
receipt without a signature; or splitting one transaction into smaller amounts to obtain Authorizations.
Merchant agrees to take all steps reasonably appropriate to minimize Cardholder disputes and chargebacks, and
Merchant will resolve all such Cardholder disputes and chargebacks directly with the Cardholder and/or through
the chargeback dispute resolution process set forth in the Rules. Merchant may be subject to fees, fines, or
penalties, placed on the MATCH list, or terminated if Merchant’s chargeback rates exceed thresholds set by the
Card Brands, Payline, or Bank from time-to-time.
8.5 Trademarks
The Rules require Merchant to properly display the Card Brand marks at its physical address or on its website,
as appropriate, to indicate that the Cards may be used for the purchase of services or goods from Merchant.
Merchant will use any signs or decals provided to Merchant by Payline. Payline may, but is not obligated to,
provide additional signs and decals upon Merchant’s request. Merchant will not use Payline’s trademarks or
other intellectual property rights without Payline’s prior written consent, to be granted or withheld by Payline in
its sole discretion on a case-by-case basis.
Merchant’s use of the Card Brand logos and trademarks must comply with the Rules and any current usage
standards, guidelines and policies issued by the Card Brands from time to time. Merchant will not use Card
Brand logos or trademarks in any way which appears to present the endorsement of Merchant or Merchant’s
goods or services by the Card Brands. Merchant may not refer to a Card Brand when stating eligibility
requirements for purchasing its products or services. Merchant must immediately cease all use of Payline’s and
the Card Brand’s logos and trademarks upon the earlier of termination of the Merchant Agreement or notice
from Payline, Bank, or the Card Brands revoking the right to use such logos and trademarks.
The rights to use Payline’s and the Card Brand’s logos and trademarks pursuant to the Merchant Agreement and
this Guide are provided pursuant to a limited, revocable license. No ownership interest or other rights in or to
any Payline or Card Brand logos and trademarks are transferred, granted, or otherwise provided to Merchant.
8.6 Signage
If required by Payline or the Rules, Merchants will prominently display signage provided by Payline in its
place(s) of business.
All promotional materials, advertising displays, signage, emblems, sales draft forms, credit memoranda and
other forms supplied to Merchant and not purchased by Merchant or consumed in use will remain the property
of Payline and will be immediately returned to Payline upon termination of the Merchant Agreement. Merchant
is fully liable for all loss, cost, and expense suffered or incurred by Payline arising out of the failure to return or
destroy such materials following termination.
8.7 Liability
Merchant is solely responsible and liable for each transaction submitted using Merchant’s equipment,
credentials, or merchant identification number, including any disputes, chargebacks, refunds, or other credits.
Merchant is also solely responsible and liable for all fees, fines, penalties, costs, assessments, investigations, and
other expenses associated with Merchant’s use of the Services, breach of the Merchant Agreement, or failure to
comply with any Rule, including but not limited to any attorney’s fees, court costs, administrative fees, Card
Brand assessments, governmental fines, and penalties, whether incurred by Merchant, Payline, or Bank.
Merchant will reimburse Payline for the time and internal costs incurred by Payline in handling or facilitating
any investigation, regulatory action, administrative proceeding, or other proceeding which results from or is
initiated in connection with Merchant or any transaction submitted by or on behalf of Merchant to Payline, at
Payline’s then-current hourly rate.
28
In addition to the limitations on liability and disclaimers set forth in the Merchant Agreement, Payline and Bank
shall have no liability for, and Merchant waives any claims related to, any Service deficiency, delay,
interruption, or cessation which is caused by Merchant, any third party, an act of God, or is otherwise beyond
Payline’s or Bank’s reasonable control.
8.8 Card Brand Rights
In addition to the other Card Brand rights set forth in the Rules, Merchant understands and agrees that at any
time a Card Brand may temporarily or permanently prohibit Merchant or its owners, officers, partners,
proprietors, or employees from participating in the Card Brand networks. Card Brands may make any such
decision at their sole discretion, but such decisions typically result from: fraudulent activity; money or payment
laundering; repeated breach of the Rules; material breach of the Rules; or activity which is destructive or
harmful to a Card Brand network.
The Card Brands are third party beneficiaries of the Merchant Agreement and may: enforce the Merchant
Agreement and any of the Rules directly against Merchant; require Payline or Bank to terminate the Merchant
Agreement immediately and without cause, and Payline and Bank must comply with such requirement; or
revoke Merchants right to use or display such Card Brand’s name, logo, or other marks.
8.9 Insurance
Merchant will maintain reasonable insurance coverage based on its operations, size, and industry, including a
general liability policy, an errors and omissions policy, and a cyberinsurance policy. Merchant will provide a
copy of such insurance policies to Payline upon request. Payline or Bank may condition provision of the
Services, or continued provision of the Services, on Merchant’s obtaining and maintaining insurance policies
with those levels of coverage determined by Payline or Bank from time-to-time. Merchant will cause Payline
and Bank to be included as additional insureds in such policies.
8.10 IRS Withholding Regulations
Pursuant to Section 6050W of the Internal Revenue Code, merchant acquiring entities and third-party settlement
organizations are required to file an information return for each calendar year reporting all Card transactions and
third-party network transactions with payees occurring in that calendar year. Accordingly, Merchant will receive
a Form 1099-K reporting its gross transaction amounts for each calendar year. The Merchant’s gross transaction
amount refers to the gross dollar amount of the Card transactions processed through its merchant account with
Payline. In addition, amounts reportable under Section 6050W are subject to backup withholding requirements.
Payline will be required to perform backup withholding by deducting and withholding income tax from
reportable transactions if (a) Merchant fails to provide Merchant’s taxpayer identification number (TIN) to
Payline, or (b) if the IRS notifies Payline that the TIN (when matched with the name) provided by Merchant is
incorrect. Accordingly, to avoid backup withholding, it is very important that Merchant provide Payline with the
correct name and TIN that it uses when filing tax return that includes the transactions for its business. Payline
and Bank will not be liable for any amount withheld from Merchant in accordance with IRS regulations and
Merchant waives all claims against Payline and Bank in connection therewith. Merchant sole recourse with
regard to tax withholdings shall be against the IRS.
8.11 BIN Information
To the extent Payline provides Merchant with any BIN information or other product-identifying data of any
Card Brand, such information is solely for purposes of identifying Card product types at the point of sale.
Merchant may not use such information for any reason other than to identify Card product types at the point of
sale and for purposes of implementing acceptance practices permitted by the Rules. Merchant agrees that it will
not disclose any such information to any third party. Merchant shall treat BIN information as Confidential
Information.
8.12 Lodging and Vehicle Rental Transactions
For lodging and vehicle rental transactions, Merchant must estimate and obtain Authorization for the amount of
the transaction based upon the Cardholder’s intended length of stay or rental, and the Cardholder must be
informed of the dollar amount Merchant intends to pre-authorize. Additional Authorization(s) must be obtained
29
and recorded for charges actually incurred in excess of the estimated amount. Regardless of the terms and
conditions of any written preauthorization form, the sales draft amount for any lodging or vehicle rental
transaction shall include only that portion of the sale, including any applicable taxes, evidencing a bona fide
rental of personal property by Merchant to the Cardholder and shall not include any consequential charges.
Nothing contained herein is intended to restrict Merchant from enforcing the terms and conditions of its
preauthorization form through means other than a Card transaction. It is the responsibility of the Merchant to
comply with the Rules inherent to the Lodging and Vehicle Rental MCCs.
9. EQUIPMENT AND SOFTWARE
9.1 Use of Equipment
Merchant will only accept Cards, submit transactions, and run its business using equipment or software which
is: (a) compatible with Payline’s systems; (b) acceptable to Payline and Bank; (c) compliant with all PCI
Requirements; and (d) meets all standards and requirements in the Rules and Laws. If Merchant elects to accept
debit transactions, Merchant will ensure that a point-of-sale terminal and pin-pad shall be available for use by
Cardholders which meet all technical specifications and requirements of Payline and Bank. Approval of any
equipment or software or Payline’s recommendation, referral, or provision of any equipment or software shall
not constitute a representation, warranty, or guaranty with respect to such equipment or software, including the
compliance, security, functionality, or fitness for a particular purpose of such equipment or software, and
Merchant’s use of such equipment or software is at Merchant’s sole risk.
9.2 Purchase of Equipment
If Merchant elects to purchase any point of sale device, terminal, or other equipment from Payline, Merchant
will enter into a separate purchase agreement with Payline setting for the terms of the purchase. All sales of
point of sale devices, terminals, and equipment from to Merchant by Payline shall be on an “as is” and “as
available” basis, and Payline disclaims all representations and warranties, express or implied, with regard to any
such equipment, including any implied warranty of merchantability, fitness for a particular purpose, error free
operation, security, or that the equipment will be compatible with Payline’s Services. Unless otherwise
designated in the purchase agreement, all sales will be deemed final and may not be returned by Merchant.
9.3 Lease of Equipment
If Merchant elects to lease or license any point of sale device, terminal, software, or other equipment from a
Payline, Merchant will enter into a separate agreement with Payline governing such lease or license.
9.4 Installation of Equipment
Merchant shall ensure all software and equipment is installed, set up, and configured only by authorized
personnel which are properly registered and certified with the Card Brands. Merchant will not allow any third
party to modify, repair, or otherwise access, physically or electronically, any software or equipment used by
Merchant in connection with the Services or the Merchant Agreement, or which would otherwise provide such
third party with access to Confidential Information, without Payline’s prior written consent.
10. DEBIT CARDS
10.1 Sponsorship
Debit Sponsor shall act as Merchant’s sponsor with respect to the participation of point-of-sale terminals owned,
controlled, and/or operated by Merchant in those Debit Networks supported by Payline, which may be changed
by Payline or Debit Sponsor from time to time in their sole discretion and without notice to Merchant. Merchant
may also have access to other Debit Networks that do not require a sponsor. Payline will provide Merchant with
the ability to access the Debit Networks using the appropriate terminals and equipment for the purpose of
authorizing debit card transactions from Cards issued by the respective Debit Networks. Payline will provide
connection to such Debit Networks, terminal applications, settlement, and reporting activities in accordance with
the terms of the Merchant Agreement.
30
10.2 Participation
Merchant will execute and deliver any Merchant Application, Agreement, enrollment form, or other document
necessary to enable Debit Sponsor to act as sponsor for Merchant in each Debit Network. Merchant agrees to
utilize the debit card Services in accordance with the Merchant Agreement, its exhibits or attachments, and
Payline’s instructions and specifications, and to provide Payline with the necessary data in the proper format to
enable Payline to properly furnish the Services. The relevant and applicable portions of agreements, operating
regulations, and Rules may be accessed online or otherwise shall be made available to Merchant upon
Merchant’s reasonable request. Merchant shall not in any way indicate that Debit Sponsor endorses Merchant’s
activities, products, or services. Debit Sponsor and Merchant shall remain solely independent contractors of one
another.
10.3 Compliance
Payline and Debit Sponsor shall be excused from failing to transmit or delaying the processing of any
transaction which, in the exclusive opinion of Payline or Debit Sponsor, would result in the violation of any
present or future Law or Rule.
10.4 Payline and Debit Sponsor Rights
Payline and/or Debit Sponsor may, at any time terminate, the sponsorship of Merchant for participation in the
Debit Networks immediately and without notice to Merchant. During the term of the Merchant Agreement,
Payline or Debit Sponsor may assign Debit Sponsor’s rights and obligations hereunder to a third party.
Merchant agrees that Payline and Debit Sponsor’s enforcement rights under the Merchant Agreement and this
Guide with respect to Debit Sponsor’s sponsorship of Merchant under the Merchant Agreement will survive the
termination of Debit Sponsor’s sponsorship of Merchant. Debit Sponsor may assign its rights and obligations to
any parent, subsidiary, affiliate, or successor-in-interest without notice to Merchant. Debit Sponsor is a third
party beneficiary of the Merchant Agreement and this Guide, meaning Debit Sponsor has no obligations under
such documents but may, at its sole discretion, enforce such obligations against Merchant.
11. EBT TRANSACTIONS
11.1 Definitions
Capitalized terms used in this section and not otherwise defined in this Guide or in the Merchant Agreement
shall have the meanings ascribed them in the EBT Rules.
11.2 Issuance
Merchant agrees to issue EBT to Recipients in accordance with this Guide, the EBT Rules, and all
documentation and user guides provided to Merchant by Payline from time to time pursuant to the EBT Rules.
11.3 EBT Procedures
Merchant will provide each recipient a receipt of each Benefit issuance. Merchant will be solely responsible for
Merchant’s issuance of Benefits. Merchant agrees to comply with all Laws pertaining to the delivery of services
to Benefit Recipients and Benefit Recipient confidentiality. If Merchant issues food stamp Benefits under the
Merchant Agreement, Merchant represents and warrants to Payline that Merchant is an authorized “Merchant”
(as such term is defined in the EBT Rules) by the United States Department of Agriculture Food and Nutrition
Service (“FNS”) and is not currently suspended or disqualified by FNS. Merchant agrees to secure and maintain
at its own expense all necessary licenses, permits, franchises, or other authorities required to lawfully effect the
issuance and distribution of Benefits under the Merchant Agreement, including without limitation, any
applicable franchise tax certificate and non-governmental contractor’s certificate, and covenants that Merchant
will not issue Benefits at any time during which Merchant is not in compliance with the requirements of any
Law or EBT Rule.
11.4 Additional Indemnification
In addition to Merchant’s other indemnification obligations in the Merchant Agreement and this Guide,
Merchant agrees to indemnify, defend, and hold harmless Payline and its officers, employees, and agents from
31
and against any fees, fines, costs of compliance, or other expenses arising from or in connection with the failure
of Merchant to comply with the EBT Rules, the unauthorized issuance of Benefits, any Benefit transactions
submitted by Merchant, or the actions or omissions of Merchant with respect to any Benefits.
11.5 Legal Process
With respect to any Transaction, action, or omission involving Benefits, if any of the terms of this Guide or the
Merchant Agreement are found to conflict with applicable Law or the EBT Rules, the Law and EBT Rules shall
control. Nothing contained in the Merchant Agreement shall preclude the State from commencing appropriate
administrative or legal action against Merchant or a party from making any referral for any action to any
appropriate federal, State, or local agency.
12. GUARANTY
12.1 Personal Guaranty
By signing as a guarantor on the Merchant Application, such person (“Guarantor”) jointly, severally,
irrevocably, and unconditionally guaranties the full and faithful performance and payment by Merchant of each
of its duties, obligations, and liabilities under the Agreement and this Guide (“Obligations”) as each may be
amended in accordance with its terms. This guaranty is a primary inducement for Service Providers to enter into
the Agreement, and Payline and Bank would not enter into this Agreement but for Guarantor’s guaranty.
12.2 Recourse
Payline and Bank shall have immediate recourse directly against Guarantor for the full and immediate payment
of all losses, fees, fines, penalties, lost profits, consequential damages, and any other expenses including but not
limited to attorney’s fees and court costs (“Losses”) resulting from any failure of Merchant to fulfill any of its
Obligations. No delay or stay in or with regard to any Obligation against Merchant due to the application of
bankruptcy, insolvency, or other law or proceeding will be effective under Guarantor’s guaranty, and Guarantor
agrees to immediately pay all Losses that would be due but for such delay or stay.
12.3 Status
Guarantor’s guaranty is one of payment and not of collection, and Guarantor agrees that Payline and Bank are
not obligated before seeking recourse against or receiving payment from Guarantor to do any of the following
(although Bank or Payline may do so, in whole or in part, at their sole option, the performance of which are
hereby unconditionally waved by Guarantor: (a) take any steps to enforce the Obligations or collect the Losses
from Merchant or to file a claim of any kind against Merchant; (b) take any steps to enforce, accept, perfect
Payline’s and Bank’s interest in, foreclose upon, or realize on any reserve account or other collateral security for
the payment of the Losses or any other guaranty of the Losses; or (c) in any other respect exercise any diligence
in enforcing the Obligations or collecting or attempting to collect the Losses by any means.
12.4 Liability
Guarantor’s liability for payment of the Losses shall be absolute, continuing, unconditional, unlimited, and
irrevocable, and nothing except final and full payment to Payline or Bank of all Losses, whenever occurring,
shall operate to discharge Guarantor’s liability under this guaranty. The obligations and liability of Guarantor
will continue notwithstanding any defect in the genuineness, validity, or enforceability of the Agreement or
Obligations, or any other circumstances which might otherwise constitute a legal or equitable discharge or
defense of the liabilities of a surety or guarantor or which might otherwise limit recourse against Guarantor.
Accordingly, Guarantor unconditionally, absolutely, and irrevocably waives each and every defense which
under principles of guaranty or suretyship law that would otherwise operate to impair or diminish the liability of
Guarantor for the Losses, including without limitation notice of acceptance of this guaranty and presentment,
demand, protest, notice of protest, dishonor, notice of dishonor, notice of default, notice of intent to accelerate or
demand payment of any Losses, diligence in collecting any Losses, and non-performance of the Agreement.
Guarantor acknowledges that Merchant’s execution of a separate agreement with Payline, Bank, or both, or any
other liquidation event does not nullify or otherwise effect or terminate Guarantor’s obligations under this
guaranty.
32
12.5 Reinstatement
Guarantor acknowledges and agrees that if Payline or Bank shall at any time be required to return or restore to
Merchant or to any trustee, in bankruptcy or for any other reason, any payments made upon the Losses,
Guarantor’s guaranty shall continue in full force and effect or shall be fully reinstated as the case may be, and
Guarantor’s obligation to Payline and Bank under this guaranty shall be increased by the amount of (a) any such
payments upon the Losses as Payline or Bank shall be obliged to return or restore, (b) Losses applicable to any
such payments, and (c) interest on the amounts set forth in sections 12.5(a) and 12.5(b) at a rate equal to the
lesser of one and a half percent (1.5%) per month or the maximum rate allowed by law, accruing from the dates
the payments upon the Losses were originally made.
12.6 Status
In the event that Guarantor becomes obligated to pay any sums to Merchant or its successors or assigns, or in the
event that Merchant or any of its successors or assigns is now or hereafter becomes indebted to Guarantor
(collectively, "Debt"), the Debt will at all times be subordinate as to lien, payment and all other respects, to the
Losses, and Guarantor will not, among other things, accept any payment from Merchant or its successors or
assigns with respect to the Debt without Payline’s prior written consent. Furthermore, until all Losses are
indefeasibly paid in full and in cash, Guarantor hereby absolutely, irrevocably and unconditionally waives all
rights Guarantor may have, at law or in equity, to seek or claim subrogation. Payline and Bank have no duty to
enforce or protect any rights which Guarantor may have against Merchant or any other person and Guarantor
assumes full responsibility for enforcing and protecting such rights.
12.7 Representations and Warranties
Guarantor represents, warrants, and covenants to Payline and Bank that: (a) Guarantor has completely read and
understands the Merchant Application, Merchant Agreement, and this Guide, and agrees to all those portions
which apply to Guarantor; (b) any financial statements of Guarantor furnished to Payline are true and correct
and include all contingent liabilities of Guarantor; (c) if Guarantor’s financial statements were furnished to
Payline, since the date such financial statements were furnished to Payline no material adverse change has
occurred in the financial condition of Guarantor; (d) there are no pending or threatened legal proceedings or
judgments against Guarantor and no federal or state tax liens have been filed or threatened against Guarantor;
and (e) Guarantor is not in default or claimed default under any agreement.
12.8 Additional Terms
This guaranty by Guarantor shall inure to the benefit of Payline, Bank, and their successors and assigns. This
guaranty shall be binding upon Guarantor and his respective heirs, successors, and personal representatives.
Guarantor may not assign any obligations under this guaranty.
Guarantor agrees to pay all of Payline’s and Bank’s costs incurred in enforcement of or collection under this
guaranty and the Merchant Agreement, including, without limitation, reasonable attorney’s fees and expenses.
All rights, powers, and remedies of Payline and Bank hereunder and under the Merchant Agreement are
cumulative and not alternative and shall be in addition to all rights, powers and remedies given to Payline and
Bank by law and by agreement.
This guaranty by Guarantor is freely and voluntarily given to Payline and Bank by Guarantor, without duress or
coercion, and after Guarantor has either consulted with competent legal counsel or has been given an
opportunity to do so. Guarantor will immediately give Payline notice of any material adverse change in
Guarantor’s financial condition. Guarantor will not, until all Obligations have been fulfilled and all Losses have
been paid in full, make any voluntary transfer of any of Guarantor’s assets which would have the effect of
materially diminishing Guarantor’s present net worth.
This guaranty and any litigation between the parties (whether grounded in contract, tort, statute, law or equity)
with respect to this guaranty shall be governed by, construed in accordance with, and interpreted pursuant to the
laws of the State of Illinois, without giving effect to its choice of laws principles. Guarantor irrevocably submits
33
to the exclusive jurisdiction of the state and federal courts sitting in Cook County, Illinois for the purposes of
any suit, action, or other proceeding arising out of or relating to this guaranty or any transactions contemplated
hereby. Guarantor waives any defense of improper venue or inconvenient forum to the maintenance of action or
proceeding brought in such forum. Guarantor hereby waives the right to a jury trial with respect to any action or
claim arising out of any dispute in connection with this guaranty and any rights or obligations hereunder or the
performance of such rights and obligations.
Any notice required from one party to another relating to this guaranty shall be deemed effective if made in
writing and delivered to Payline at the address set forth on the first page of this Guide, or to Guarantor at the
address indicated next to Guarantor’s signature, by any of the following means: hand delivery; registered or
certified mail, postage prepaid; express mail or other overnight courier service; or telecopy, telex or other wire
transmission with request for assurance of receipt in a manner typical with respect to communications of that
type. Notices made in accordance with these provisions shall be deemed delivered on receipt if delivered by
hand or wire transmission during normal business hours or on the next business day if delivered after normal
business hours, on the third business day after mailing if mailed by registered or certified mail, or on the next
business day after mailing or deposit with the postal service or an overnight courier service if delivered by
express mail or overnight courier.
If any provision of this guaranty or any agreement or instrument executed in connection with this guaranty is
determined to be invalid, illegal or unenforceable, such provision shall be enforced to the fullest extent
permitted by applicable law, and the validity, legality and enforceability of the remaining provisions will not in
any way be affected or impaired.