Quote:
Originally posted by *KK*@Dec 6 2003, 12:21 PM
Quite a few of your assumptions are incorrect redeye, especially in regards to the status of 'third party' billing companies, which are legitimate IPSPs when they are set up correctly. One only has to look to the compliance situation, which is controlled by one entity for the entire Visa system...
I'm out and about now but when I get back I'll pick apart some of your statements for comment if you like.
|
I'd love to hear Your comment KK and experience however I doubt that You are correct in this issue.
The processing basicly works under the following scheme in the world (simplified of course):
Issuing Bank - VisaNet - Acquiring Bank - Merchant - Customer.
In between the Acquiring Bank and the Merchant a sales body can be existing: PSP , which is different from IPSP and stands simply for Payment Service Provider. So the chain looks like:
Issuing Bank - VisaNet - Acquiring Bank - PSP - Merchant - Customer.
There are quite a few out there , most if not all do not do anything related to adult.
Examples: WorldPay, SecPay, SureFire, Paysystems and so on.
These companies are authorised by acquiring banks to process transactions on behalf of the bank and to organise more or less sales , since the bank itself is not able to do it due to many reasons (I know of only 1 acquiring bank managing everything inhouse, although I think there are more and that system is Barclays EPDQ), however there must be a direct relationship in between the bank and the merchant and merchants must be on separate MIDs (Merchant IDs, some call them merchant accounts).
There are no exceptions by Visa bylaws and regulations.
Well let me rephrase it, untill a year ago or when was it, there WERE no exceptions.
The reason behind it is very simple , no body in most of the countries of the world (the tribe of hannibals on the island of Lu-Lu is an exception, however their neighbours hannibals from the island of Ku-Ku are adopting bank licenses already
) is allowed to operate with third parties moneys unless than body is licensed as a bank in case the funds come from general public or have a limited license if the funds originate from prewritten in the license origins like exact companies which will send them.
The exception however exists in the general laws that if the body is just passing through funds of third parties without ANY interference with them it is allowed to operate without license. I.E. if the company just gets the funds from bank for its clients it is ok. The following applies to Europe where we payed quite a lot to worlds 4th largest legal company for the research on this subject.
However the company may not create or mantain accounts. This is called that funds on DEMAND are prohibited without license.
It is quite complicated. Read it three times to get some understanding of it.
So third party billing companies BY LAW are allowed to exist only as money transfering companies however they do not fit into the processing chain because unless licensed as a bank they will not be able to be plugged into VISA NET directly and therefore will never have a possibility to mantain separate accounts of their own for merchants.
I'll make it simplier - the legal bodies which aggregate clients transactions and route transactions to the VISA NET and make the processing itself (i.e. take the money from the card, put the money on to the merchant account, transfer it further or block it or hold it or whatever) exist and are called acquiring banks.
For a majority of such operations the body has to be either the bank or be licensed as a bank BY LAW and not by Visa regulations.
While the internet evolved the banks were not ready themselves to play by the rules. They still are not ready.
The process of getting a merchant account is still quite complicated.
So nobody cared about companies processing in breach with rules and sometimes law (take PayPal for example or all systems of e-money) because it helped the net to evolve.
However now it has to be fit into normal laws which essentially is good for everyone. When You have a direct relationship with a bank You are protected by LAW that You will in fact see Your money if You are pornographer or not. And everyone else is protected by LAW that if You fuck up it will be You who is liable and not everyone else around You. Of course the bank will not smile to You saying "Hey! You do porn! You're a great client!" but that is the price You got to pay for making more money than the rest of dudes around You - that is normal.
As for IPSP regulations - they are just a way to at least normalise somehow the situation, billing companies have to go away, but slowly without scandals and publicity and other things which can hurt the e-commerce too much and throw it back to the stone age.
The IPSP regulations in fact have been applied only at two acquirers in fact (may be I am wrong here). At FDMS and PAGO in Germany to the existing huge aggregators (Ibill and so on). However they were forced straight away from PAGO and this stuff now is active only at FDMS.
The funny stuff is the following thing which has occured: There is NO other acquiring bank in the world I think now which will require You to get VISA approval prior processing for each URL on Your own merchant account and that is FDMS (through their sales body CardServiceInt). That's right. If You apply for Your own merchant account in FDMS through CardServiceInt You will have to send in just the same way as on Ibill for example all Your URLs prior processing to VISA for approval. The approval takes 1 month by the way.
In all other acquiring banks in the world You get Your merchant account for Your company and run as many sites under it as You want, as long as they are Your sites, You may only be required to show them from time to time.
As I said already - the descrimination laws are quite a serious thing to consider.
And of course You can NOT setup a new IPSP. You cant do it correct or incorrect - it's impossible because there is simply no such thing as IPSP towards other companies than Ibill, CCBill and Epoch. May be Verotel recently as well.
I know about SG & FDMS and the way IPSPs are setuped , I also know that recently a very powerfull team including CEO in the near past of the biggest of those billing companies has applied to SG & FDMS for a new IPSP account and of course were declined. The stuff applies only to existing companies which are too big to be shut down immediately at least in FDMS in USA, as You know in PAGO it happened very easily.
KK do You stand for KimmyKim excuse me for my ignorance? If so I know of Your obsession (in the good sense of the word) with IPSP rules, we even met couple of times in debates on this subject on GFY, my nickname there is "Incognito". When You were in CCBill I didnt like Your approach so I might have been a bit too rude, please excuse me, because I thought it was just ignorant promotion of CCBill, however when You quit that company I have changed my mind because I understood that You are simply very very interested in the subject.
By the way I have those rules , a copy of IPSP rules from VisaInt , London on my computer.
So whenever You are trying to understand what is right or what is wrong just look on the following chaing again:
Issuing Bank - VisaNet - Acquiring Bank - PSP - Merchant - Customer.
It is the only correct chain.
And whenever You apply for a merchant account , if it's NOT for adult , be sure that the body claiming that it is an Acquirer is indeed and Acquiring Bank.
There is a shit load of fraud right now on the net because so many people look for merchant accounts with no real understanding of how the stuff really is that everything is possible.
For adult though, in most cases now, the link looks like:
Issuing Bank - VisaNet - Acquiring Bank - SomeBullshit - PSP - Merchant - Customer.
Where SomeBullshit is a company which belongs to the Acquiring Bank and is happilly called either a gateway or a designated bank processor or some other word or a PSP. The Banks are scared to open real direct merchant accounts right now so they put a company in between and open Your merchant account in that company so You dont have direct relationship.
It's completely off the rules book as well however at this moment it's not really dangerous cause Visa doesnt seem to complain about it as long as merchants go on separate merchant accounts whomever holds them and it's the bank which is behind it anyway so everything is fine. That's what they now do in offshore banks acquirers and in Israel.
The only thing You have to be sure of is that it is indeed the banks establishment. Because there are a lot of frauders there. Examples of popular frauders:
Ecommerce Services UK , QwikPay, CEE KEy, EdenCom.
An easy way to find out is simply if You see the bank name somewhere in the process of running that merchant account. There always is a contract of SOME sort or an application to the bank or contact with the bank even if the merchant account is opened in this intermediary company.
Companies like Ecommerce Services UK open You a merchant account in their own gateway and DO NOT let You see the bank behind it. If WHEN You are approved (prior to approval a lot of companies hide the bank name, although some do not) You find out that You are not allowed to see ANY bank at all in Your processing - it's fraud.
Also dont be suprised that frauders often areserious employees of banks, acquirers , known billing companies (Epoch, Ibill, CCbill as well) in the past of present.
One of the worst frauders for example WAS Edencom from France. Edencom processed for a shit load of russian lolita paysites year ago. Most of smaller billing companies were plugged into it (like BillCards, just smaller)
Know what?
The person who was forwarding webmasters (russian as well) to Edencom, an intermediary between Edencom and other dudes is a CURRENT employee in the Netherlands of a very respected acquirer from Sweden - Netgiro.
The guys who worked in Edencom were all previous employees in Coca-Cola.
As I said the best way to see if it's fraud or not - if they allow You to see the bank.
In normal e-commerce , non adult, there is a lot of similar fraud as well.
There is a shit load of PSPs plugged in to other PSPs and so forth. Which is not allowed as well.
In normal e-commerce the chain is very simple and looks only like this:
Issuing Bank - VisaNet - Acquiring Bank - PSP - Merchant - Customer.
Whatever is in between means charging You more money and against the rules.
Hope I was helpfull.
Again if anybody wants to share experience, lets do it.