Offline credit card acceptance - what if the card is declined?

Factual Questions
1

I entered adulthood in the 90’s, when offline credit card acceptance was on its way out. When paying with plastic in the 2000’s, I did encounter the old embosser/carbon copy machine swipe occasionally.

I have had a card declined electronically at the point of sale. The last time it happened, it was apparently because I was in a “ghetto” area in a city a few hundred miles away, and it failed their risk algorithm (though I had used the card elsewhere in the city with no problem). There was no problem with my account.

What happens, or happened, if your card information was taken down offline, with you signing the old-fashioned carbon copy receipt, and the bank later declined the transaction when the merchant submitted the receipt for payment? Cards don’t normally have my address, so how are they going to find me? Would they get my contact info from the bank and come after me, or would I get a “friendly” call from the bank first?

We’re assuming here that there is no intent to defraud.

2

There was in fact a verification step in the middle - for transactions over a certain value ($50?), the merchant would call the bank to confirm the details and check the payment wouldn’t exceed the card’s limit.

3

The merchant lost nothing. The bank covers it and then kicks your ass.

4

Are you sure? That’s certainly not the case now. The merchant always loses.

5

Is that true in card-present transactions?

6

When they used the old carbon ca-shink! machines, they would almost always ask for your phone number and your driver’s license. They’d copy the phone and license numbers onto the credit card slip.

I have no idea what they’d do with them after that, as I never had one declined. But they did have more information on you than just the credit card number.

7

The merchant had a limit it was allowed to approve. Above that limit it had to phone in for verification. Within the limit the bank guaranteed the payment.

Even these days auto systems auto approve transactions below a certain limit. Above that limit it autodials the card issuer and gets approval.

8

I don’t know. There are circumstances where a card-present transaction can result in a chargeback, but I don’t know how common they are or who takes the hit.

Certainly I’d be surprised if it’s the bank.

9

In a card-present transaction, the merchant is protected against fraudulent use if he gets a signature and compares the signature to that on the back of the card. In a card-not-present transaction the merchant is protected against fraudulent use if he obtains the code (different cards have it in different places but usually a three-digit code on the back) to verify that the customer is holding a card. This is not true, however, with a chargeback due to customer claiming merchandise not delivered, etc. Merchants can challenge a chargeback; a few threads here have dealt with that.

Today with real-time authorization, I do not know, but would bet, that the merchant has to eat it if he closes a sale without getting authorization and the card is declined.

10

It really depends on your merchant agreement. I was an asst controller for a hotel and I have looked as so many different processing banks and levels of protection.

If a card fails an algorithm test, you can call it in and get an manual OK. I had a Chase card that gave me trouble as it had my address as

Markxxx
APT B
123 Fake Street
Chicago

The algorithm in some places was failing as it was comparing the street address to apt B.

Here’s something most people don’t know. You can put anything in the approval code. If I run a credit card through a machine and it’s declined, I can simply over ride it manually and put anything. AND the charge would go through. HOWEVER, if the credit card holder later disputed that charge, the store would lose because it put a fake approval in.

But if the credit card holder never disputes it, it doesn’t matter. The only time it would come to light is in the event of a dispute.

You pay for levels of protection and that is all you get from your processing bank. For instance, I was the asst controller of a hotel. History showed in the last 5 years we got THREE chargebacks. That is insanely low. So we went with the lowest level of protection which is MUCH cheaper.

But when our reservationist would make a reservation she’d ask for the three digit code on the back of the credit card. But this was totally unnecessarily. You know why, 'causes we didn’t pay for that protection. If a dispute happened and the hotel pointed out the person must have had the card as they had given us the correct 3 digit code on the back, the bank would say… “You don’t pay for that high level of protection, so you don’t get to use that as evidence to argue your case. You lose.”

In the event of power failures or downtime merchant agreements also cover that. For instance, in our hotel we were covered for 72 hours with notification for a limit.

In other words, if the power at the hotel went off or for some other reason we couldn’t verify the credit cards via the machine, we would call our bank processor and tell them. Then they would give us a “clear.” In our case it was $300 for three days.

That means anyone who checked in AFTER we phoned to notify them of our inability to electronically process, we could just take the imprint of the card and we were covered UP TO $300. If the charges went higher than we’d have to phone it in and get a higher limit, but as long as it stayed under $300, the bank covered a bad credit card we couldn’t check.

If you read these merchant agreements they are huge and full of restrictions and if merchants followed them to the letter, half the sales wouldn’t be possible. So they just go ahead and figure as long as the buyer doesn’t dispute them they’ll be OK.

11

Way back when, the card issuers (I know American Express, and probably the others) sent out merchants a monthly booklet that listed invalid (lost, stolen, cancelled, etc.) card numbers. If someone presented a card, the merchant would look up the card number in the booklet, and if it were present, would decline the transaction.

This system, of course, had obvious holes, particularly the lag of time between a card being invalid and the next booklet being issued. I also don’t know if there were transaction size limits above which additional verification was required, but given the technology constraints and costs of the time, it was reasonably effective for the purpose, particularly given the limited number of card-accepting merchants (concentrated in the entertainment and travel industries).

12

I was working retail in those days. Booklet is an exaggeration. They were printed in very small type on the thinnest cheapest paper available. A royal pain to use: When you try to look up a number in a phone book, it takes longer to determine that it isn’t there than to find it if it is.

I once sold an air compressor on a stolen credit card. Called it in and everything. About a year later a cop came by and showed me some mug shots…no way in hell I could ID the buyer.

13

As a merchant, I have used both the old-fashioned knuckle-buster to take an imprint of the card and had a card swipe terminal that uploads the data in a dump at the end of the day. I always asked for phone numbers and had an 800 number through my merchant account provider that I could call for immediate verification, which I never used but might have for an unusually large purchase. (I paid a higher rate to verify a transaction like that.)

I always asked for a phone number from the customer. On two occasions, I had cards rejected when I did the data transmission. In both cases, I called the customer and told them that their card was rejected for some reason. One person gave me a different card number. One said she’d send me a check. I ended up getting my money from both people.

14

When I was working at a Ski Resort, the simple rule was:

If the card was present (proved by carbon impression) and the signatures matched (merchant checks) then the merchant would not lose. Over the merchant limit, the merchant had to phone for authorization. (The current swipe terminals simply automate the process phone authrorization follows.)

Notice now that some merchants, for swipes, you don’t even have to sign nowadays if it is under the merchant limit (typically $50?).

Even more annoying, near the Orlando airport there was a gas station that could not accept my credit card because the pump system required the user to enter their zip code with their card swipe. One of the biggest tourist destinations in the country made no allowance for out-of-country cards. Some other places, I was told entering 00000 worked - but not the one in Orlando. They could not even take my card in the kiosk.

This was the beauty of the credit card system, once upon a time. the merchant merely had to verify card and signature, check against stolen list, and they were guaranteed payment. The card companies dealt withmassive fraud by simply jacking up interest rates so we all paid for it (and the 2%-5% rake-off from the merchants). It was a license to print money, until the internet.

If you find it, watch the movie “Middlemen” about the guys who developed a Visa charge system for porn web sites. apparently fraud was so bad that at one time, one of the internet sites accounted for 80% (IIRC) of the chargebacks on Visa.

The credit card companies then changed the rules about a decade ago, assessing a penalty against merchants with excessive chargebacks and fraudulent charges, sort of to encourage merchants to be more careful. Basically, it dumped the responsibility for most fraud back onto the merchant, so as not to interfere with the credit companies’ excessive profits.