E-Commerce Disclosure Requirements
This guide outlines the disclosure requirements set by Visa, MasterCard, AMEX, and Discover for all merchants processing e-commerce transactions and a sample web page that shows an example of a fully compliant e-commerce Merchant. These requirements apply to all Merchants that accept payments in apps or on websites.
Display Card Brand Logos
Each major credit card’s brand logo must be present in full color. See the example image below:
Capture Legal Age
If applicable, this requirement sets restrictions for one of the following:
Transactions requiring minimum age limits, such as for the sale of medical services.
Transactions requiring certain legal requirements such as tax or financial service companies.
See the example for the requirement:
Enter Date of Birth:
MM/DD/YYYY
Provide an Explanation of Processed Transaction
A complete description of goods or services being sold. See the example image below:
Provide a Return and Refund Policy
The requirement indicating the merchant’s refund policy, even if no refunds are accepted, must be specified. For a comprehensive e-commerce return policy example, see the Amazon Return Policies.
Provide a Customer Service Contact
This requirement displays the contact information for customers to be able to reach a merchant regarding goods, services, or transactions. This must include an email address or telephone number. See the example image below:
Contact us: (555) 555-5555
Provide the Merchant Address
This requirement shows the permanent address of the merchant selling the goods or services. The address must also include the country code. See the example for the requirement:
123 Company Street
Culver City, CA 90230
USA
Define the Transaction Currency
This requirement must display the type of currency being used in the transaction, such as US dollars (USD) or Canadian dollars (CAD). See the example image below:
%20(1).png?inst-v=89b936af-2b76-4bc6-8352-49ae303a7336)
Maintain HTTPS for Secure Transactions
Hypertext Transfer Protocol Secure (HTTPS) encryption protects data exchanged between browsers and servers, securing credit card and personal information during transactions and meeting online security standards. As a result, all e-commerce transactions must be processed over HTTPS to ensure data encryption and secure communication between the client and server. This is sometimes indicated by a padlock icon within a URL bar, see the example image below shown on a Chrome browser:
Display All Web ACH Authorizations
This requirement displays an authorization being made by the cardholder to process the transaction using ACH payment methods for a merchant to process the transaction meeting E-Sign Act requirements.
Single Transactions
See the example ACH web authorization requirement for a one-time payment transaction using eCheck:
First Page:
To pay your (Company Name and type of bill), enter amount and click the PAY button
Amount: $____________________
Second Page:
I authorize XXXXXX to initiate [a single or XXX recurring] ACH/electronic debit[s] to my account in the amount of $XXX.XX from [can specify either “bank account on record” if account information is retained once it is entered, or provide a space for the entry of account information: checking or savings account, Depository Name, Routing Number and Account Number] on XXXXXX (date and/or frequency of debits).
I agree that ACH transactions I authorize comply with all applicable law.
[PAY BUTTON]
Recurring and Pre-Scheduled Transactions
If the payment is scheduled in advance, or the authorization is for recurring debits, include the following:
I understand that this authorization will remain in full force and effect until I notify XXXXXX [insert manner of revocation, i.e. in writing, by phone, location, address, etc.] that I wish to revoke this authorization. I understand that XXXXXX requires at least [x days/weeks] prior notice in order to cancel this authorization.
Payments made after X:XX P.M. eastern time will be applied as of the next business day.
To complete the payment process, click the “authorize” button. Once payment is authorized, there cannot be any changes or corrections.
I agree that ACH transactions I authorize comply with all applicable law.
[PAY BUTTON]
Provide a Delivery Policy
If applicable, the policy for the delivery of goods purchased in the transaction. For a comprehensive e-commerce delivery policy example, see the Amazon Delivery Policy.
Provide a Consumer Data Privacy Policy
This requirement, which should be linked within the payment page, discloses the merchant’s policy of the ways a party gathers, uses, discloses, and manages a customer or client's data.
For a comprehensive e-commerce consumer data privacy policy example, see Amazon Data Privacy Notice.
Provide a Secure Checkout Policy
This requirement lists security capabilities and policies for the transmission of payment cardholder data by the Merchant. For a comprehensive e-commerce secure checkout policy example, see the Home Depot Secure Checkout Policy.
Define All Terms and Conditions
This requirement lists all legal terms and conditions a consumer cardholder agrees to when purchasing goods or services from a merchant.
Payrix Pro Partners can satisfy this specific requirement in one of two ways:
Create a Merchant Terms of Service that requires all of your merchants to follow them with a link to the terms displayed on the checkout page.
Add a link on the checkout page that allows merchants to upload signed copies of your terms and conditions.
Compliant E-Commerce Example
The image below outlines an example of all the e-commerce requirements above being met within a page:
