Credit and debit cards have become very common, and only credit card users stand at 1.25 billion individuals. It’s clear that almost everyone has them, and fewer people are using cash nowadays. For most businesses, accepting plastic payments is becoming more and more essential. Partnering with a credit card processor and setting up a card reader at the POS is often just another cost of doing business for entrepreneurs.
But different customers have different paying preferences and there is a growing demand to accept credit cards over the phone, which are generally classified as card-not-present (CNP) transactions.
Many businesses, from retailers to restaurants, take orders over the phone. It’s generally seen as an extra service to enhance customer satisfaction in a society where cards are widely used. Accepting credit cards over the phone can also help businesses close sales quickly and reduce the time it takes to collect payments.
To Accept Credit Cards Over The Phone Is Still Popular And Important
Despite the prevalence of online payments, phone orders remain more common than one might expect. For instance, businesses often receive delivery orders that require telephone prepayment, and certain eCommerce retailers welcome phone orders for their products. Many mobile businesses heavily rely on phone-based transactions, especially if they face challenges in providing mobile credit card processing on-site.
Phone payments provide an extra layer of flexibility and convenience for your customers. Not everyone feels comfortable shopping online, and some may encounter accessibility issues. Additionally, it serves as a customer service option, allowing shoppers to inquire about products and services before making a purchase, offering a quicker and more streamlined payment system that enhances customer satisfaction.
A Brief Look At The Advantages And Drawbacks Of The Phone Payment
Accepting payments over the phone offers businesses a convenient and flexible way to process payments from customers, opening up new sales opportunities. However, like any payment method, it comes with its advantages and potential drawbacks.
Advantages
- Accessibility and Convenience:
Phone payments can be made from anywhere customers have phone service, providing a convenient option for those who may not visit your physical location or navigate your online payment system.
- Optimized Revenue and Improved Cash Flow Potential:
Immediate payment through over-the-phone transactions can capture sales that might not occur otherwise, securing bookings, orders, or services promptly and reducing the risk of unpaid invoices.
- Personalized Customer Service:
Phone transactions enable direct engagement with customers, allowing businesses to answer questions and even upsell or cross-sell products or services.
- Expanded Customer Base:
Businesses, by accepting payments over the phone, can reach a broader customer base, including those who prefer phone transactions or are less likely to engage with online payments.
Drawbacks
- Increased Risk of Fraud:
Card-not-present fraud, where scammers use an individual’s card number without a physical card, is a prevalent concern. This type of fraud often leads to chargebacks, resulting in financial losses for businesses. Excessive chargebacks may even lead to account closures. Additionally, chargebacks usually involve merchants refunding cardholders, with most processors issuing chargeback fees.
- Security Concerns:
Handling sensitive card information over the phone necessitates strict adherence to PCI-DSS (Payment Card Industry Data Security Standard) rules to safeguard customer data. Ensuring these standards can be more challenging with phone payments, and failure to comply may result in fines.
- Human Errors:
Manually entering card information increases the risk of human error, potentially causing transaction issues and customer dissatisfaction.
Who Accepts Over The Phone Payments?
Various types of businesses can find value in accepting payments over the phone, aligning with their unique operational models or customer service approaches:
- Service providers: Businesses offering services like home repairs, consulting, or catering can leverage phone payments to secure bookings or take deposits.
- Remote sales businesses: Companies selling products over the phone, such as telemarketers or catalog-based businesses, can efficiently process phone payments during a call.
- Hotels and Agencies: These businesses may opt for phone payments for bookings, particularly for customized travel plans or group reservations.
- Restaurants: Establishments providing food delivery or pickup services frequently utilize phone payments for convenience.
In various scenarios, CNP transactions occur, including:
- Orders online: Consumers buy goods online, then use their credit card information to check out.
- BOPIS: Orders are placed online and picked up by the consumer rather than being delivered.
- Phone orders: When placing an order through the phone, a consumer gives the sales representative their credit card information, which is subsequently used to process the transaction.
- Mail orders: Payments made over the mail, for example, while placing an order for a particular product catalog.
Things You Require To Accept Over-The-Phone Payment
Accepting credit card payments over the phone requires either a merchant account or a payment service provider. This will grant you access to a virtual terminal or a POS system with virtual terminal capabilities, allowing you to process transactions where the card is not physically present.
Setting Up a Merchant Account
A merchant account is like a business bank account that businesses need to accept credit card transactions over the phone and other electronic payments. It acts as a link between a customer’s credit account and a business checking account. When a transaction occurs, funds become instantly available in the business’s merchant account, and from there, they can be deposited into the business checking account.
Once your business has a merchant account set up by a payment processor, you can start handling credit card transactions over the phone with your customers. Since it’s a business bank account, you’ll require a business license to establish one. To kickstart processing debit and credit card payments, you’ll typically need some hardware, which you can purchase through your credit card processing partner. In some instances, the payment processor might even provide you with a free credit card reader to help you begin.
Virtual Terminal
To accept card payments over the phone, businesses need to set up a virtual terminal. This is a software application that merchants use to enter their customer’s card details and initiate payment for products or services. It’s somewhat similar to the familiar POS terminals, but here, the buyer completes a transaction online without being physically present.
The virtual terminal handles transactions known as MOTO or Mail Order/Telephone Order terminal.
A POS App
Your merchant services provider might ask you to download their exclusive application for processing payments. This software lets you manually handle credit card transactions, start the payment process, and store customer card details for recurring payments.
Simply download and install this app on your mobile phone or desktop to kickstart your sales processing.
Card Reader:
You ought to receive a mobile credit card reader from your merchant services provider. By connecting this little gadget to a smartphone or tablet, businesses and individuals can take CNP payments.
For a smaller cost, certain processors might provide terminal hardware with an integrated mobile card reader or a separate mobile card reader.
A Step-By-Step Process Of Taking Over-The-Phone Payments
If you’re curious about how to take credit card payments over the phone, it’s a pretty simple process. By following these three easy steps, you can set up a smooth system for phone transactions that bring in significant income for your business.
1. Figure out what credit card information you need:
Different payment providers and POS systems might have specific requirements for credit card details. Check your contract or provider’s website to know what information is necessary.
In general, you’ll need to ask your customers for at least the following information to process credit cards through your virtual terminal:
- Expiration date.
- Credit card number.
- Customer name.
- Billing ZIP code.
- CVV or Security code.
You might also have to ask for the card type (Mastercard, Visa, etc.), as well as the customer’s address, email, or phone number. If you’re shipping orders, you’ll need the customer’s shipping info, and if you’re sending email or text receipts, you’ll need contact details.
2. Entering the order details:
Once your virtual terminal is ready, you can begin processing payments for your customers. Depending on your virtual terminal, the typical steps to initiate an order are:
- Select the items from your inventory.
- Choose from a list of sent invoices.
- Enter the total transaction amount.
Double-check the details to make sure you are charging the correct total amount.
3. Processing the payment by adding the details and creating a receipt:
Collect credit card details, input them into your virtual terminal, and proceed with the payment. Your virtual terminal will alert you if the transaction is approved, confirming the successful acceptance of the payment. In the event of a decline, consider double-checking the details with your customer or inquire if an alternative card can be used.
Issue a receipt to the customer and finalize the order. Depending on your system, you can send a receipt via email or text, or print one to be mailed to the customer. Additionally, it’s wise to retain a copy of the receipt and any relevant details for your records. Given the heightened risk of card-not-present transactions, consider making specific notes about the sale and your phone conversation with the customer.
What Are The Costs Associated With Over-The-Phone Transactions
The cost of accepting payments over the phone relies on your payment processor and the terms outlined in your merchant agreement. Since these payments fall under CNP transactions, the fees may be higher than in-person, card-present transactions. This is because card-not-present transactions pose an increased risk of fraud and chargebacks.
Remember that these rates are subject to change and may vary based on your specific agreement with the processor. Additionally, there might be extra fees associated with refunds, chargebacks, the use of a virtual terminal, or charges associated with international transactions.
Here’s a breakdown of the charges by popular payment processors:
Company | Charges |
Square | 3.5% plus an additional $0.15 |
Stripe | 3.4% plus an additional $0.30 |
Clover | 3.5% plus an additional $0.10 |
PayPal | 3.49% plus an additional $0.49 |
Things To Remember When Getting Over-The-Phone Payments
Get Complete Information
Addressing the fraud concern is a top priority when handling credit card transactions on the phone. Unlike other transactions where the card is physically present, phone transactions pose a higher risk due to the absence of the credit card. While chip card transactions offer optimal fraud protection, swiped transactions are safer than those conducted over the phone without physical possession of the card.
To enhance the safety of your phone-based transactions, it’s crucial to gather as much information as possible from the customer. The more details you collect, the lower the risk of processing a fraudulent transaction.
At a minimum, ensure you obtain the following information from the customer during the phone transaction:
- Full number of the credit card
- First, Middle, and Last name of the cardholder
- Expiry date
- CVV or Security code
- Billing ZIP code
- Billing address
- Phone number of the customer
For an additional layer of protection, consider requesting the same information needed when accepting payment by check. This includes the customer’s driving license number and DOB.
Avoid Recording the Calls
For businesses to accept credit card payments securely, adherence to the PCI Data Security Standards is paramount. PCI compliance is a comprehensive approach to safeguarding customers’ credit card data, extending its significance to all payment methods—online, over the phone, or in person.
A crucial aspect of PCI compliance is the non-retention of specific customer information, including the CVV, post-authorization. Consequently, recording phone calls containing this sensitive information is strictly prohibited. Such recordings would constitute a form of data storage that contravenes PCI standards.
Suppose your phone system automatically records all calls. In that case, it’s imperative to stop the recording when customers share credit card information to align with PCI compliance and ensure the security of your customers’ data.
Avoid Writing Down the Card Information
A crucial aspect of PCI compliance involves refraining from storing CVV and related data, extending to any notes created during a credit card order. While it might be tempting to jot down information provided by the customer over the phone, doing so poses a risk of PCI non-compliance. Even if the intent is to discard notes, such as a CVV written on a Post-it Note, it still violates PCI regulations.
A more secure approach is to input the customer’s credit card details directly into your terminal or POS system without resorting to written notes. This method eliminates the risk of exposing customer data, reducing the likelihood of it falling into the hands of potential thieves. If there’s a necessity to note the customer’s CVV, promptly shred the paper after use to ensure compliance and safeguard customer information.
Employee Training for Phone Payments
It’s crucial to provide comprehensive training to any staff members handling phone payments, ensuring they are well-versed in these protocols and grasp the significance of security measures. Recognizing that a simple error can result in data breaches and legal complications underscores the importance of thorough staff training in maintaining the integrity of your payment processes.
Are Over The Phone Payments Secure?
Ensuring the safety of card payments over the phone involves two key approaches: either the responsibility lies with the merchant or their service provider.
Opting for a payment service provider that adheres to Level 1 PCI DSS standards serves as a robust assurance of transaction safety. These providers guarantee that every transaction conducted through a virtual terminal meets the highest security requirements. Typically, merchants using such providers are not burdened with compliance responsibilities as it is managed by the service provider.
For a merchant, taking on the task of securing phone payments can be challenging. It demands significant time investment in setting up data privacy and payment security measures. Many merchants would prefer to channel this time toward scaling their business rather than managing intricate security protocols.
Tips For Avoiding Chargebacks And Frauds
To guarantee the safety of CNP transactions in your business, consider the following measures:
- Maintain PCI Compliance:
Compliance with PCI requirements is a security requirement for companies that handle debit and credit card information, as was previously discussed. It covers things like keeping a security protocol up to date, safeguarding cardholder data, and keeping an eye on a safe network. Verify that your store’s servers and software for online sales adhere to PCI standards.
- Implement Address Verification Service:
The AVS verifies that the shipping address and postal (ZIP) code given by the consumer at checkout are identical to the credit card issuer’s records. When there is a discrepancy, like a different home address or a different ZIP code, AVS notifies the retailer with a code. AVS is a useful tool Because unauthorized users tend to don’t have the right billing address.
- Validate Card Security Codes:
One method to verify that an individual actually has the card is to ask for the CSC, which is a three-digit number located on the back of credit cards such as Visa, Mastercard, Discover, and AMEX. Requesting CSC information improves transaction security because stolen credit card data usually lacks it.
Conclusion
The trend towards accepting credit card payments over the phone reflects how consumer preferences and business practices are evolving. Even though online transactions are common, over-the-phone payments are still important for businesses as they offer flexibility, convenience, and personalized customer service.
Businesses that consider this payment method also need to evaluate the factors and take steps to mitigate risks. This can involve adhering to PCI compliance standards and providing employee training.
To set up the infrastructure for phone payments, businesses will need a merchant account, a virtual terminal, and potentially a POS app or card reader. Understanding each step of the process, from collecting customer information to processing payments, is crucial for ensuring secure transactions. Additionally, businesses need to be aware of the costs associated with over-the-phone transactions. This includes fees charged by payment processors. Being mindful of these charges and selecting a payment processor can contribute to better financial management.
Frequently Asked Questions
Q: How can I accept credit card payments over the telephone?
A straightforward method is keying in card numbers on your credit card terminal. Simply ask your customer to read off the card number, expiration date, and CSV code while you input the details into your credit card terminal at the point of sale (POS).
Q: What are the Regulations Regarding the Security of Over-the-phone Payments?
Many people wonder if taking credit card payments over the phone is secure. The answer is yes, as long as you adhere to the correct protocols. The primary risks associated with phone payments are related to not following PCI DSS compliance. This involves the commitment to securely accept, store, process, and transmit cardholder data during card transactions.
Another set of regulations affecting online card payments comes from the EU Revised Directive on PSD2. These regulations impact payment service providers operating within the European Economic Area. Notably, it introduces a new standard called SCA. However, SCA is only applicable to customer-initiated payments. As the merchant processes over-the-phone payments on behalf of the customer, they fall under the category of merchant-initiated transactions.Q: What are some Conditions for Over-the-Phone Payments?
Ensuring a transparent and secure global payment environment is a key objective for payment service providers. Handling card payments over the phone is a responsible undertaking. As these types of transactions are initiated by the merchant, specific requirements are established to validate the legitimacy of merchants engaging in this process.
For a merchant to utilize a MOTO virtual terminal for over-the-phone transactions, they must adhere to the following requirements:
– Proven Processing Competence
– Maintain Low Chargebacks
– Ensuring a Stable Business Operation History of Over Three YearsQ: Handling Customer Credit Card Information: What’s Allowed?
A significant concern in PCI compliance often revolves around the practice of merchants jotting down customer credit card details. Whether it’s on a physical piece of paper or a spreadsheet, this is a clear violation that jeopardizes both customer safety and puts your business at risk of a potential data breach.
While manually recording a customer’s card information is discouraged, it doesn’t mean you can’t securely store it for future use, such as recurring payment plans or billing repeat customers. Relying on a secure credit card vault provided by your merchant service provider is an excellent method to retain credit cards. For repeat clients, a one-time phone call can provide their card info, and thereafter, you can bill them using the securely stored data.Q: Is it safe to share your CVV number over the phone?
It’s usually not recommended to share your CVV and debit card number over the phone, even with legitimate businesses. This is because there’s no way to confirm if the caller representing the company will keep the provided information secure. It’s a risk that’s best avoided.