e-Credit Card Contract

The Internet Newsletter November 2001 volume 6, Number 8

American Lawyer Media

Tips for Internet Companies Negotiating Merchant Service Contracts

By Jonathan Bick

(Jonathan Bick is an adjunct professor of law at Rutgers Law School and Pace Law School.

He is the author of 101 Things You Need To Know About Internet Law (Random House 12/00)).

Credit and debit cards perform the function of cash and checks for
e-commerce transactions. Merchant services agreements are the contracts that
detail how Internet companies may take electronic payment by debit and
credit cards. To properly advise e-commerce clients, attorneys who represent
Internet companies need to know how to negotiate merchant service accords.

Five concepts are central for properly negotiating merchant service
contracts. These are: contractually identifying which party bears the risk
for each type of e-credit card transaction loss; securing contract
protections for e-commerce transactions equivalent to mail order
transactions; treating charge back fees, settlement fees and balance
requirements as negotiable business issues; segregating credit card and
debit cards transaction processing procedures; and negotiating privacy

Currently, credit card financial systems are the only practical process by
which Internet businesses can obtain reliable information to ensure payment.
The use of credit and debit cards, which are implemented by merchant
services agreements, are also the only realistic Internet consumers can be
certain that they have recourse in the event their Internet transactions go

Among the first steps when negotiating a merchant service is to
contractually identify which party will bear each type of loss associated
with an e-credit card transaction. For instance, normally an Internet
vendor who does not ship goods is liable for a loss to a credit card holder
whose bank paid for such goods. Similarly, merchant service agreements
normally require the bank to bears the loss in the event of fraudulent debit
and credit transactions committed by one of the bank's credit card holders.

Contractually identifying loss liabilities is of paramount importance
because merchant service agreements result in sharing a bank account with
the credit card issuer or their agents. Typically, merchant service
agreement allows each party to withdraw thousands of dollars without advance
notice for a variety reasons including but not limited to payment disputes.
In some cases, such agreements allow the common account to be frozen.

By visibly identifying loss liability, the risks associated with merchant
service agreements, can be covered by insurance policies. For example, as
noted in the case of Northside Bank v. American Casualty Co. of Reading, PA,
PICS Case No. 01-0357 (C.P. Allegheny Jan. 10, 2001), typical insurance
policy language unambiguously protected banks against losses resulting from
claims arising from fraudulent debit and credit transactions committed by
one of its customers.

Many merchant service agreement vendors offer Internet customers fewer
warranties than traditional customers. The statutes, which govern the use of
the credit card system, offer Internet merchants the same legal protections
that they are eligible for when using the credit card system for telephone
or mail order transactions. Thus, it is appropriate to negotiate for the
same contract protections as if the e-commerce transaction was completed by
mail. It is advisable to get a copy of the merchant service agreement used
for mail order transactions before discussing the use of the merchant
service agreement of Internet credit card use.

In the course of negotiation, it may advantageous mention that federal laws
delineate most of the noteworthy rights and obligations of credit card
system participants. Since no special regulations have been enacted for
credit card use on the Internet, presumably the same laws and rules that
govern credit card transactions in the physical world apply to Internet

Specifically, these laws address which party bears the cost of unauthorized
credit card use, which is among the most substantial risks of loss. It is
important to Internet firms that the merchant service agreement not be used
to reassign the risk of loss associated with the unauthorized use of a
credit card via the Internet.

Charge back fees, settlement fees, balance requirements and other elements
of merchant service agreements are subject to negotiation. These terms are
set by the market not by state or federal statute. When negotiating such
terms is may be prudent to remember that banks prefer electronic payments,
which are far cheaper to process than check or cash transactions.

A traditional merchant is paid by its own bank after the bank receives the
credit card sales draft from the merchant. The merchant's bank is referred
to as an "acquiring bank" because it "acquires" credit card transactions
from the merchant. The bank, which sends the acquiring bank money to pay the
merchant, is the bank that issued the credit card used by the merchant's
customer. This bank is referred to as the "issuing bank" because it issues
the credit card.

It normally takes from three to four months for the merchant's acquiring
bank to receive money from the issuing bank. The delay is usually because
the issuing bank does not transfer funds to the acquiring bank until it
receives payment from the merchant's customer who used the credit card.
However, the acquiring bank pays the merchant before the issuing bank has
paid the acquiring bank. The payment of the merchant by the acquiring bank
before being paid by the issuing bank effectively results in a line of
credit to the merchant in an amount equal to the credit card payment.

Debit card transactions and pre-paid credit cards do not suffer from the
same systemic delays as credit cards. Debit cards, for example, allow banks
to deducted payments directly from an existing bank account, which they
control. Consequently, Internet firms inevitably benefit from negotiating
merchant service agreements that segregate the treatment of credit card
transactions from other types of transactions.

During the time between the merchant's request to receive payment from the
acquiring bank and the related payment by the issuing bank to the acquiring
bank, a person whose credit card was used in the transaction can dispute a
credit card transaction. For example, a dispute might arise after a
cardholder's card has been stolen.

The immediate result of dispute claim by a cardholder is that the issuing
bank will notify the acquiring bank that it will not pay the merchant's
bank. Upon such notice, the merchant's bank will reverse the transaction by
processing a "charge-back" against the merchant's account. Acquiring banks
generally require the merchant to maintain a balance in its bank account in
a sufficient amount to cover charge-backs.

Settlement fees are deducted by acquiring banks from the credit card
transaction amount before paying the merchant. The difference between the
amount paid to the merchant and the credit card amount is the amount of
revenue earned by the acquiring bank. In the event that a cardholder
disputes a transaction and does not pay the issuing bank, which in turn does
not pay the acquiring bank, the acquiring bank does not receive its
settlement fee and incurs the cost of processing a charge-back against the

Historically, charge-backs have occurred more often when cardholder are not
present during a transaction. This fact has resulted in acquiring banks
charging a higher settlement fee for the so-called credit card hold not
present transactions also know as "mail order/telephone order" transactions.
Typically, acquiring bank may charge one to three percent for transactions
where the cardholder is present and 2 to 5 percent for transactions where
the credit card holder is not present.

Internet commerce uses credit cards to process payments in a variety of
ways. From a legal and operational prospective, e-credit card transactions
should be viewed from two perspectives depending on whether the merchant or
the purchaser initiates the credit card transaction.

In the event of a merchant initiates the credit card transaction, such as
when a customer sends credit card information to a merchant and the
transmits the credit card information to a processor, acquiring banks charge
the higher settlement fee associated with credit card holder not present
transactions. However, when the purchaser / customer initiates the credit
card transaction, such as when purchaser sends credit card information to a
merchant's processor directly acquiring banks charge the lower settlement
fee associated with credit card holder present transactions.

The same result occurs when a customer uses the Visa / MasterCard the Secure
Electronic Transaction ("SET") protocol. Thus Internet firms which use
should normally negotiate a settlement fee associated with a card hold being

In e-business, the customer is communicating, often simultaneously with
supplier, bank and vendor, all in one visit. It is therefore advisable to
address the issues of privacy and secure an indemnity in the merchant
service contract.

Credit card data is generally considered protectable data. The U.S. Federal
Trade Commission is concerned about the privacy of data collected on the
Internet, including credit card related data. Other countries have set
standards for the protection and use of data. For example, the European
Union ("EU") is requires all non-EU firms to provide legal safeguards for
"personal data" about individuals that is "processed" by EU firms. Thus
merchant service contracts should include an indemnification for privacy
violations that result from particular data handling obligations.