Cashless is clearly the way forward—but what happens when your patient is credit card-less at the time of purchase? A card not present (CNP) transaction is the name for the process of manually entering a credit card number into a terminal when it’s received via phone, email, or even in person. Not only is there a processing surcharge for CNP transactions, but they are also the least secure payment methods out there.
I should know. I got played.
A patient came in to a practice I managed for a series of laser procedures and gave us a credit card number. Sounds simple enough, right? It did to us, too. We completed the package, and 2 months later, we received a notice from the credit card company stating that we were being charged back $5,500 because the cardholder did not authorize the charge.
The patient gave us her husband’s credit card number, but she was neither a co-applicant or an authorized user. My defense? I had none. Plain and simple, we were in violation of the merchant cardholder agreement.
We recently had another client who thought they hit the jackpot when a long-term patient booked multiple procedures totaling $17,500. The patient’s boyfriend called the practice and provided his credit card number to pay. The transaction cleared, and the monies were credited to the practice’s account.
The client performed the procedures, and then 3 months later…they received a notice of chargeback from their bank. Once again, the company stated that the cardholder did not recognize or authorize the $17,500 charge. The physician lost his appeal. After numerous phone calls to the patient went unanswered, he filed a lawsuit for criminal intent. The funds were recovered after an exhaustive and costly legal battle.
Could any of these distressing scenarios have been avoided? Yes, that’s for sure. A possible defense could have been in order if the physician’s office had the patient or even the actual cardholder sign an irrevocable credit card authorization. This document should be signed by anyone who wishes to present a verbal order or CNP transaction for any procedure.
Download a sample of an irrevocable credit card authorization form to adapt here: http://goo.gl/RTx14G
Protecting Online CNP Purchases
Many physicians generate a substantial amount of revenue from selling products and procedures online.
There are three main questions to ask when evaluating merchant security for online transactions:
1) Is the payor verified by the credit card company?
Credit card companies have controls to verify the legitimacy of the cardholder and the card in every CNP transaction. These tools allow e-commerce merchants to validate a cardholder’s ownership of an account in real-time during an online card transaction. When the cardholder clicks “buy,” the merchant’s server recognizes them as a registered cardholder or not.
2) Is the customer’s address verified?
Address Verification Systems (AVS) are a built-in safeguard that allows CNP merchants to check a cardholder’s billing address with the card issuer. The merchant includes an AVS request as part of the authorization and receives a result code indicating whether it matches the address on file.
3) Did they enter a Card Verification Value (CVV)?
These are three- or four-digit codes imprinted on the signature panel of a credit card to help CNP merchants verify that the customer has a legitimate card in hand at the time of the order. All online order forms must ask for the CVV.
If the answer to all three questions is yes, you are protected.
Jay A. Shorr, BA, MBM-C, CAC I-VII, is the founder and managing partner of The Best Medical Business Solutions, based in Fort Lauderdale and Orlando, Fla. He can be reached via [email protected].