At Braintree, we’re focused on helping our merchants offer payment experiences that are not only more seamless, but also more secure. One important aspect of making your checkout more secure is ensuring that your website, app, or other platform where you accept payments complies with applicable card brand rules. If you’d like to know more about some of these rules -- and how to help make sure your business is compliant -- keep reading.
Card brand rules generally require that merchants on all platforms (web pages, apps, invoices, or contracts) have clear and concise policies that disclose certain business information as well as cardholder rights before accepting payments. The specific requirements may vary depending on the country or countries where you operate, the card brands you accept, and your business model.
Following these requirements may help prevent chargebacks and provide your business with some of the necessary items to deal with potential cardholder disputes.
To help ensure that our merchants maintain the required policies, Braintree performs periodic reviews of our merchants’ websites. In order to avoid being flagged by our Risk team, please ensure the following policies are clearly disclosed to your customers:
- Contact information
- Refund or cancellation policies
- Privacy/personally identifiable information policies
Here are some frequently asked questions about these requirements:
What are sufficient forms of contact information?
- A listed email address
- A listed phone number
- A physical mailing address
- 2+ social media accounts
What does not qualify as a sufficient form of contact information?
- Blank email forms
- Mail-to links
- Pop up email message boxes
- P.O. boxes
- Chat interfaces
What if my pricing is determined on a case-by-case basis?
What if my prices and policies are only available to members?
It may also be helpful to include a “Terms & Conditions” checkbox or other similar electronic verification to confirm that customers acknowledge your terms before completing payment.
What if I don’t list pricing because I take donations?
A donation page with preset donation amounts, as well as custom donation options, is acceptable for non-profit organizations.
What if I accept payments on a mobile or web app?
What does a refund/cancellation policy need to cover at a minimum?
- Whether or not you provide refunds
- If you do provide refunds, which conditions must be met
- Whether there are any fees associated with refunds or cancellations
- What information you will be collecting
- How the information will be stored
- How you will be using the information you collect
- Whether or not you share that information with anyone else
For examples of acceptable formats for these requirements, check out this support article.
Note: The content of this blog post and any examples provided are not to be construed as legal advice. These are simply general industry practices shared by Braintree to help guide you. As requirements vary by country and by industry, you should always obtain independent legal advice for your business.