Introduction
This document presents general requirements and recommended guidelines concerning merchant’s website content and layout. It refers to websites where merchants sell their products and/or services.
The rules need to be followed by all merchants who receive payments from their customers’ transactions processed with credit cards issued by Visa and MasterCard. In addition, they constitute a universal set of best practices for e-commerce websites.
The main objective is to protect all the parties involved in the payment process. It can be achieved by increasing the security of performed transactions, and decreasing the risk of receiving unclear or misleading information causing potential disputes.
Following these rules will allow merchants to process credit card transactions securely, easily and efficiently, as well as save time and money.
Identification of merchant company
The cardholder must be able to clearly identify the merchant company at all times.
It is recommended to insert the company name into the footer of every page on the merchant website.
Company registered address
We require stating the merchant company full registered address (street, zip code, country) on the website and displaying it at least before completing the purchase transaction.
Anonymous addresses, such as PO Boxes, cannot be used.
Contact information for customers
Merchants must provide their contact details allowing cardholders to obtain information on purchased products or services.
Acceptable contact methods:
The contact information must be clearly visible and easily accessible, not only during the sales process, but also after the transaction is completed.
A customer should be able to contact the merchant within a period of 90 days following the initial transaction date.
Description of goods and services
All offered goods and services need to include comprehensive description to ensure a customer is not confused with their features or prices.
Range of goods
The range of sold goods must correspond to the business type declared by the merchant in the merchant account application.
Should the merchant decide to change the type of products/services offered on their website or introduce a brand new offer (e.g. they currently offers e-books but plans on selling hotel reservations), we require contacting PayLane first to determine whether the new products/services can be sold via the current merchant account. Not meeting this requirement may result with the account closure.
Confidentiality policy
Merchants must assure customers that their security measures are compliant with all applicable data protection and confidentiality laws concerning personal information provided by the customers.
The merchant shall inform all customers visiting the website about the terms and conditions of their confidentiality policy. We recommend including such information on a separate, dedicated page, such as “Privacy Policy”.
Returning goods, refunds and cancellation procedures
The merchant must clearly inform the customers about:
To prevent any potential misunderstandings, disputes or conflicts causing chargebacks, the information described above shall be clearly presented to the customers before any purchase is made.
Transaction security
The merchant must clearly inform the customer about used transaction security measures and encrypt all transactions using SSL with a minimum strength of 128 bit.
Integration of Visa and MasterCard logos
The logos of credit card organizations must be included on the merchant website, at least on the secure payment page.
The merchant is required to ensure that no logo is placed at a substantial disadvantage in comparison with other available payment means.
Moreover, the logos should be presented in such a way that there is no impression that the credit card organizations are the providers of the goods and/or services that are being purchased.
Detailed information on the required logos can be found here:
Transaction currencies
Every customer needs to be advised about the transaction currency before the purchase is made.
If the currency symbol is not unique worldwide, the currency name must be fully specified, according to the 3-letter ISO standard (e.g. "USD" or "US$" rather than just "$").
It allows to avoid issues resulting from the same currency symbol being used in various countries (e.g. Australian, American and Canadian dollar share the same currency symbol).
Complete transaction value information
The customer must be able to clearly identify the final transaction price, including any additional fees that will be added to the basic price of the goods or services being purchased.
Minimum amounts
The merchant is not allowed to set a minimum transaction amount for any purchases made with a credit card.
Issuing of invoices issuing/time of contract fulfillment
The merchant should state:
Response time for all customer queries
The company should respond to all customer queries within two business days (e.g. via e-mail or phone) and display the response time on the website.
Reference to copy of the transaction data
The merchant must explicitly instruct the cardholder to retain a copy of the transaction data for their own record. The copy, particularly the unique transaction numbers, should be easily accessible and stored in a safe place.
The information should be placed on the merchant’s website, right after the purchase is made.
For the customer’s convenience, the merchant may implement a feature enabling customers to electronically receive and print out the transaction confirmation.
Physical location of the cardholder
Along with complete transaction data, the merchant must gather and store in a secured database, information on cardholders physical location.
The merchant should be able to easily find and access the location data at any time.
Delivery policy / delivery facilities
Delivery policy must be clearly presented on the merchant website.
If possible, the order confirmation should be sent to the customer within one business day after the purchase is made. The confirmation message needs to contain information on the date and method of the goods/services delivery.
Export restrictions
Any export restrictions with regard to the offered merchandise must be stated on the merchant’s website.
Cardholder charge
It is strongly recommended that the cardholder is charged after the goods are delivered (dispatched) and/or the service is completely rendered.
Upon immediate products’/services’ dispatch or required advance payment, the cardholder can be charged instantly.
Transaction receipt: clear transaction identifier
A unique identification number (ID) must be assigned to each transaction to prevent or resolve any potential issues between the cardholder and the merchant.
The ID must be clearly stated on every transaction receipt and used to identify the transaction in any communication between the merchant and the customer.
PayLane provides a unique Sale ID with each transaction that can be used as a unique transaction identifier.
Merchant’s company online address
A transaction receipt must contain the URL of the website where the goods were purchased.
Descriptor of the merchant’s company on the cardholder’s statement
Merchant’s descriptor (textual identification of the merchant) is sent to the cardholder’s bank and then assigned to respective transactions on a credit card statement. The merchant specifies their descriptor when signing the agreement with PayLane.
The descriptor on the credit card statement must clearly identify the merchant. We recommend that the merchant use their name and/or the website URL as the descriptor.
The descriptor must be displayed on the merchant’s website during the purchase process and/or included in the sale’s Terms and Conditions that is published on the merchant’s website.
It is also recommended to include the descriptor in the purchase confirmation e-mail (receipt).
