Before you sign up with a payment gateway, you need to know whether it supports credit card data portability. With no regulations in the payment credit card industry with regards to data portability, merchant account providers have been operating on their own terms and leaving merchants at the mercy of their terms and conditions. This is very problematic since it locks merchants from changing providers lest they lose all their customers’ credit card numbers.
One dirty secret that most merchants do not know is that their payment gateway provider is likely holding their customers’ credit card data hostage. This means that if a business wants to move to a different provider, it will not be able to access its past or present customer credit card details. If you are running a subscription based business, you will not be able to bill your customers if you change gateways since you will not have their credit card details.
Two of the well-known payment gateways that do not support credit card data portability are PayPal and Authorize.NET. If you are running a subscription commerce site and have already amassed a large number of users, the switching costs may be expensive. However, it is the possibility of not being able to bill your customers anymore that is more worrying.
Braintree’s Efforts to Encourage Credit Card Portability
In 2010, Braintree started an initiative to bring together merchant service providers who would like to allow credit card portability. This led to the formation of the Portability Standard, which aims to set the industry standard rules on credit card portability.
The objectives of this association is to eliminate vendor lock-in of merchants’ customers’ credit card data, creating PCI-compliant standards and secure transfer of sensitive credit card information, and embracing free market principles and fair competition.
The members of this association consist of service providers that handle credit card data. The providers agree to provide credit card data and associated transaction information to existing merchants on request in a PCI compliant manner.
Merchants cannot be given the credit card data unless they are PCI-compliant. The same also applies to the providers than merchants are switching to. The providers must be PCI-compliant to be given the data, which is encrypted and transferred in a secure manner.
Braintree did a cool video as well.
Why Should your Provider Support Credit Card Portability?
Most merchants are better off letting a billing company handle credit card data for two reasons:
- Achieving PCI compliance without the help of a provider is extremely tough.
- The security risk of having the data storage breached.
With these in mind, your provider should enable credit card portability for the sake of your business. You should choose a provider that supports portability because of the following:
- You will retain your customers billing information should you choose to switch gateways.
- You can access and keep track of your historical transactions when you switch providers.
Some merchants do not indicate whether they support portability. Merchants only find out of the horror when they wish to change gateways. Therefore, make sure you have this issue addressed before you sign the merchant agreement. If the company supports portability, find out what will be required for them to transfer the data to your new provider, how long the process will take, whether there are any fees for the transfer and the terms of the transfer.
Having worked hard to build your subscription commerce website, your merchant service provider should not lock you with them by not allowing credit card portability. To know if a merchant service provider allows credit card portability, look for the image (below) on their website.
Your turn now. Have you ever been in a situation where you wanted to migrate but your gateway refused to transfer your customers’ credit card data? Please use the comment box below to share.