Recommended
More Related Content
What's hot
What's hot (19)
Similar to Btl mastercard
Similar to Btl mastercard (20)
More from btlcoin token
More from btlcoin token (20)
Recently uploaded
Recently uploaded (20)
Btl mastercard
- 1. Franchise Management, Global Registrations Overview & Comparison Registration Programs
- 2. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Mastercard is dedicated to making payments safe, simple, and smart.
- 3. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Service Provider Overview • Mastercard does not object to a Customer’s use of a third party, but does need to know what third party(ies) support a particular Customer, and the nature of the support provided. • A Service Provider may only perform the Program Services it is registered to perform. • Registration of Service Providers allows Mastercard to identify and mitigate potential risks that any 3rd party may present. • Rules concerning Service Providers are set forth in Chapter 7 of the Mastercard Rules manual Btl mastercard
- 4. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Service Providers are classified into eight categories based on the services provided. Service Provider Categories Service Provider Overview 1. Independent Sales Organization (ISO) 2. Data Storage Entity (DSE) 3. Third Party Processor (TPP) 4. Digital Wallet Operator (DWO) 8. Service Provider Registration Facilitator (SPRF) 5. Payment Facilitator (PF) 6. Merchant Monitoring Service Program (MMSP) 7. Digital Activity Service Provider (DASP) Service_Provider@Mastercard.com Btl mastercard
- 5. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Independent Sales Organization (ISO) Performs services that do not have access to card holder data: Customer Service Cardholder and/or Merchant solicitation, including application processing Merchant Education & Training Point of Interaction (POI) Terminal deployment Cardholder and/or Merchant statement preparation Btl mastercard
- 6. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Data Storage Entity (DSE) Performs services that do have access to cardholder data and must be PCI Compliant: External hosting of payment applications (ex: website shopping carts) Encryption Key Loading Computer-based storage of Account or Transaction Data including Merchant website hosting POI Terminal servicing Btl mastercard
- 7. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Third Party Processor Performs services that do have access to cardholder data and must be PCI Compliant: Authorization & Clearing Customer Service Fraud Control / Risk Monitoring Btl mastercard
- 8. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Third Party Processors are classified as Type I and Type II. Type I • Provides Program Services for more than 100 million in transactions • Must enter into a direct agreement with Mastercard • Issuer/Acquirer must register the relationship with Mastercard via MC Connect Type II • Provides Program Services for less than 100 million in transactions • Issuer/Acquirer must register the relationship with Mastercard Service_Provider@Mastercard.com TPP_Registration@Mastercard.com (Type 1) Btl mastercard
- 9. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Mastercard ConnectTM via the Business Administration Tool Registering an ISO, TPP, & DSE Relationship Step 1: • Register & Provision a Company Step 2: • “Click here to Provision and Manage your Service Providers” Step 3: • Create New Registration *If the Service Provider is already registered by your company, you can modify service details by selecting Services Program Services Store Service_Provider@Mastercard.com Btl mastercard
- 10. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Registering a Type I TPP Step 1: • Submit TPP registration Form 919 to TPP_Registration@Mastercard.com Step 2: • Submit an Attestation of Compliance demonstrating compliance with PCI Data Security Standards in accordance with the Mastercard Site Data Protection Program to PCIReports@Mastercard.com Step 3: • Submit SSAE16 and Business Continuity forms to TPRMRequest@Mastercard.com TPP_Registration@Mastercard.com (Type 1)
- 11. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Digital Wallet Operator Pass-through Funding Stage Digital Wallet Operator Payment Stage Stores Mastercard Account data provided by the Cardholder Mastercard Account data is entered by the Cardholder Receives Mastercard Account data from DWO when initiated by the cardholder • Registration is not required by Mastercard • Wallet ID is not passed during Auth & Clearing Records • Merchant on Record is the Merchant
- 12. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Digital Wallet Operator Staged • Registration is required by Mastercard • Wallet ID is passed during Auth & Clearing Records • Merchant on Record is the DWO Funding Stage Payment Stage • PCI certification required
- 13. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Digital Wallet Operator Staged Funding Stage Three ways to fund the staged wallet: 1. Before Prepaid/top up 2. During Back to Back authorization 3. After Repayment
- 14. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Digital Wallet Operator Staged • A separate transaction transfer money from the wallet to the retailer to pay for the services or goods purchased Payment Stage • Funds transfer to an account designated by the retailer or held by the Staged DWO for or on behalf of the retailer.
- 15. ©2016Mastercard.ProprietaryandConfidential. REGISTRATION PROGRAMS Registering Digital Wallet Operator Staged Step 1: • Validate compliance with the Site Data Protection (SDP) as described in Rule 10.3.2 of the Security Rules and Procedures manual and contact SDP@Mastercard.com Step 2: • Accurately fill out form 1123, D-Wallet Registration. • This is located on MC Connect under Library Forms. Step 3: • Complete and submit the form to d_wallet_registration@Mastercard.com
- 16. ©2016Mastercard.ProprietaryandConfidential. Payment Facilitator Model A c q u i r e r s S u b m e r c h a n t s D i r e c t C o n t r a c t D i r e c t C o n t r a c t P a y m e n t F a c i l i t a t o r
- 17. ©2016Mastercard.ProprietaryandConfidential. Payment Facilitator Model Acquirer’s Responsibilities A c q u i r e r s • Register each Payment Facilitator • MATCH query on each proposed submerchant • Register all high risk submerchants in MRP tool • Submit all non-processed transactions quarterly on form 1235 • Enter into a direct Merchant Agreement when submerchant combined Mastercard/Maestro sales volume exceeds the $1,000,000 USD threshold • Submerchant must be in the same area of use as the Acquirer • 100% responsible for all activity of the Payment Facilitator & each of its Submerchants.
- 18. ©2016Mastercard.ProprietaryandConfidential. Payment Facilitator Model Payment Facilitator Responsibilities P a y m e n t F a c i l i t a t o r• Must conduct thorough due diligence on each submerchant contracted • Must be PCI Compliant • Must monitor each submerchant’s activity to ensure compliance with Mastercard’s standards and applicable law and regulations • Must only use settlement funds to pay submerchants • Must not be a submerchant of any other PF, nor be a PF for another PF
- 19. ©2016Mastercard.ProprietaryandConfidential. Payment Facilitator Registrations Asia / Pacific 219 Europe 324 Middle East / Africa 31 Canada 18 United States 158 Latin America / Caribbean 68 Total: 818 * Based on Acquirer location
- 20. ©2016Mastercard.ProprietaryandConfidential. Marketplaces Cardholder Experience: • If the cardholder searches for, selects, pays for the goods or services on the same website, without being directed to any third party the merchant is a marketplace. • Most marketplaces are not Payment Facilitators and do not need to be registered with Mastercard. • The cardholder’s statement will have the marketplace’s name.
- 21. ©2016Mastercard.ProprietaryandConfidential. Payment Facilitators Cardholder Experience: • When the cardholder is ready to pay for the goods or services, they are directed to the Payment Facilitator’s website to process the payment. • Cardholder interacts with the submerchant for refunds and customer service. • Cardholder’s statement will have both the PF & Submerchant name.
Editor's Notes
- Mastercard has developed a Service Provider Registration Guide that is available on Mastercard Connect. Mastercard does not object to a Customer’s use of a third party, but does need to know what third party(ies) support a particular Customer, and the nature of the support provided. Mastercard considers a Service Provider to be an agent of the Customer that registers it. For this reason, before a Customer begins to use a third party to support any of the Customer’s Mastercard programs, the Customer must register the third party with Mastercard as a Service Provider. A Customer must register each third party provider that it wishes to receive services from. If a third party is to perform Mastercard services for three Customers, it must be registered as a Service Provider by each of the three Customers. If the third party is registered by only one of the three Customers, it may only provide Mastercard services on behalf of that one Customer and not on behalf of the other two.
- A Service Provider is categorized by the Corporation based upon the Corporation’s understanding of the nature of the Program Services to be performed. A Service Provider may only perform the Program Services it is registered to perform.
- “Sales person” – Solicitation of Cardholders and/or merchants Cannot have access to account data – “Account Data – full Primary Account Number” ATM Deployment - The end to end installation and management of ATM network including site selection and preparation, ATM procurement and installation. Merchant Training - Any/all Merchant training related to payment card operations, installation, and/or other functions of technologies associated with payment cards.
- Examples: Online Shopping cart Tracks the cookies and traffic for a particular site Website hosting - Provides space on a server own or lease for use by clients as well as providing internet connectivity, typically in a data center. Any/all computer hosting services, including web hosting. Level 1 PCI - All DSE with more than 300,000 total combined Mastercard and Maestro Transactions annually Level 2 PCI – All DSE with 300,000 or less total combined Mastercard and Maestro Transactions annually Encryption Key Loading - The loading of encryption keys through a safe and secure key code encrypted database. For use in preventing unauthorized access to transaction data in route between endpoints or residing on a network server. Software Application - Software permitting Customers to send or receive card transaction information (for example, non-card account number, expiration date, transaction amount, and so on). Terminal Driving - ATM or POS terminal driving. The proactive management, monitoring, and/or maintenance of ATM and/or POS devices.
- Chargebacks - Processing chargebacks to resolve disputes between cardholders and Merchants Customers Service w/access - Any type of Customer service provided by issuing banks, acquiring banks, or payment card companies with direct access to cardholder account information. Gateway Services - Any service that provides Merchants with real time card authorization and payment settlement solutions using the Internet. Includes sending and receiving data to and from Internet applications (for example, an authorization request) through the Internet. Switching Services - Transaction switching services, which includes authorization, clearing, and settlement.
- A Type I TPP is a TPP that Mastercard deems could significantly impact the integrity of the Interchange System, typically a TPP that provides Program Service for more than USD 100 million in transactions annually. A Type I TPP is the only type of Service Provider that may self-register with Mastercard as a Service Provider. Among other things, an applicant to be registered as a Type I TPP must enter into an agreement directly with Mastercard. •A Type II TPP is any TPP that Mastercard does not deem to be a Type I TPP.
- a Type I Third Party Processor (TPP) is directly registered with Mastercard. If registered as a Type I TPP, the third party may provide Mastercard services on behalf of any Mastercard Customer. However, the relationship still needs to be registered in Mastercard Connect, the same way a type II TPP is registered.
- In a Pass-through Digital Wallet, the wallet is simply a digital version of the physical wallet that a consumer would carry. A Pass-through Digital Wallet stores card information in a digital format for the consumer, and when a purchase is made, that information is passed directly to the Merchant, as if the cardholder was using their physical card.
- In a Staged Digital Wallet, there are two separate transactions. There is a funding stage, where the cardholder can use any credit card to fund or reimburse the wallet. In the payment stage, a separate transaction transfers money from the wallet to the retailer in order to pay for the goods or services being purchased. When a consumer uses a Staged Digital Wallet, the card Issuer would only see the information from the funding stage of the transaction, with the DWO acting as a Merchant, and the Merchant would only see payment from the DWO, regardless of how the consumer funded the wallet.
- The wallet may conduct the funding transaction either before (prepaid/top-up), during (back to back authorization), or after (repayment) the payment transaction.
- An Acquirer may permit a Payment Facilitator to manage the following obligations on behalf of the Acquirer, and remains fully responsible for the fulfillment of each to the extent that the Payment Facilitator fails to do so: a. Verify that a Submerchant is a bona fide business operation, as set forth in section 7.1.2, “Submerchant Screening Procedures” in Chapter 7 of the Security Rules and Procedures manual; and b. Retain records concerning the investigation of a prospective Submerchant, provided that such records are provided to the Acquirer immediately upon request; and c. Pay a Submerchant for Transactions, in accordance with Rule 7.8.2, “Obligations as Sponsor of Submerchants,” part 4; and d. Ensure that a Submerchant is supplied with materials necessary to effect Transactions as set forth in Rule 7.8.2, “Obligations as Sponsor of Submerchants,” part 5; and e. Monitor a Submerchant’s Activity on an ongoing basis to deter fraud or other wrongful activity, as set forth in Rule 7.8.2, part 6.