⏮️ Context
Mitigating Payment Processing Risks
The integrity of our payment processing system is crucial for the uninterrupted operation of our platform. The recent requirements from Visa to include accurate customer data during payment processing highlight a significant risk in our current operations. Presently, our system sends fake data to SIBS, jeopardizing the acceptance of Visa transactions and exposing us to potential legal actions. This document serves to address this critical issue by proposing a solution to integrate the accurate collection and transmission of customer data. The motivation behind this initiative is to ensure the reliability of our payment processing, safeguard our operations from legal risks, and uphold the trust and satisfaction of our customers. The primary objective is to outline the steps needed to transition to a compliant and secure payment processing system.
🎯 Problem Statement
Risk of Non-Compliance with Visa Payment Requirements
The current method of processing Visa payments through SIBS lacks compliance with the newly mandated requirements set by Visa. This non-compliance involves the transmission of fake customer data, putting the acceptance of transactions at risk and potentially leading to legal implications.
Transaction Rejection Risk: Fake data can lead to the rejection of transactions by Visa, impacting customer experience and operational efficiency.
Legal and Regulatory Issues: Providing inaccurate data violates Visa's regulations, potentially leading to legal actions.
Customer Trust and Satisfaction: If customers become aware of the data inaccuracies, it could erode their trust and satisfaction with our platform.
Operational Disruptions: Rejected transactions can cause delays and interruptions in the order fulfillment process, affecting overall business performance.
Target Audience
Persona 1: Customers
Needs: Secure and reliable payment processing, data privacy, and smooth transaction experience.
Behaviors: Customers regularly place orders via the Whitelabel App, preferring quick and secure payment methods. They expect transparency and accuracy in handling their personal information.
Pain Points: Concerns about data privacy, fear of transaction failure, and potential delays in order processing.
User Story:
As a customer, I want to ensure that my payment details are processed securely and accurately, so I don't face issues with my order and have confidence in the platform's reliability.
Example Use Case: Jane, a regular Burger King customer, tries to place an order but faces transaction rejection due to fake data. Jane contacts Support which is unable to understand why her transaction was denied. Jane then contacts VISA to understand why her transaction is being denied. VISA Support tells Jane that the transaction was denied due to incorrect information. This disrupts her experience and leads to frustration, eroding her trust in the platform.
Persona 2: Support Operators
Needs: Efficient tools to manage customer issues related to payment failures, clear insights into transaction statuses, and accurate customer data to provide effective support.
Behaviors: Frequently interact with the Support/Admin Tool to handle customer complaints and resolve payment issues. They rely on accurate transaction data to diagnose problems swiftly.
Pain Points: Difficulty in resolving issues due to inaccurate data, increased workload from transaction failures, and customer dissatisfaction.
User Story:
As a support operator, I need access to accurate transaction data so that I can quickly resolve payment issues and maintain customer satisfaction.
Example Use Case: John, a support operator, receives multiple complaints about failed Visa transactions. Due to fake data being transmitted, he struggles to provide accurate solutions, leading to increased call times and customer dissatisfaction.
❔ Expected Outcome
VISA Data Requirements
Priority Data Fields | Requirement Status |
---|---|
Browser IP Address4 | Mandatory |
Browser Screen Height4 | Mandatory |
Browser Screen Width4 | Mandatory |
Cardholder Billing Address City5 | Recommended1 |
Cardholder Billing Address Country5 | Recommended1 |
Cardholder Billing Address Line5 | Recommended1 |
Cardholder Billing Address Postal Code5 | Recommended1 |
Cardholder Billing Address State5 | Recommended1 |
Cardholder Email Address3 | Mandatory |
Cardholder Name | Mandatory |
Cardholder Phone Number (Work / Home / Mobile)2 | Mandatory |
Common Device Identification Parameters (Device IP Address)6 | Mandatory |
The remaining fields of the 12 originally communicated as being required in AI13277 will be reverted to “required conditional” with the next publication of the Visa Secure Program Guide.
At least one phone number out of work, home or mobile must be provided.
It is recommended to provide both phone and email data fields for authentication; however, if the market only collects one of the data fields, then providing one of the two options satisfies the minimum data requirement.
Only for browser-based transactions
Except in markets where the billing address fields do not exist
Only for SDK transactions
Must-Haves
Accurate Data Collection and Transmission of all Mandatory fields
Description: Ensure the collection of the mandatory customer data for Visa transactions
Rationale: This is critical to comply with Visa's requirements, preventing transaction rejections and avoiding potential legal and regulatory issues.
Perceived Business Value: High. Compliance with Visa's requirements will ensure uninterrupted transaction processing, maintain customer trust, and avoid legal penalties.
Integration with PAYCOMET for Accurate Data Transmission
Description: Modify the integration with PAYCOMET to transmit the newly required accurate customer data instead of fake values.
Rationale: Directly addresses the core issue of sending fake data, ensuring that Visa transactions are processed correctly.
Perceived Business Value: High. Ensures compliance, reduces risk of transaction rejections, and upholds the platform's reliability.
Integration with SIBS for Accurate Data Transmission
Description: Modify the integration with SIBS to transmit the newly required accurate customer data instead of fake values.
Rationale: Directly addresses the core issue of sending fake data, ensuring that Visa transactions are processed correctly.
Perceived Business Value: High. Ensures compliance, reduces risk of transaction rejections, and upholds the platform's reliability.
Should-Haves
Accurate Data Collection and Transmission of all Recommended fields
Description: Ensure the collection of the mandatory customer data for Visa transactions
Rationale: This is critical to comply with Visa's requirements, preventing transaction rejections and avoiding potential legal and regulatory issues.
Perceived Business Value: High. Compliance with Visa's requirements will ensure uninterrupted transaction processing, maintain customer trust, and avoid legal penalties.
❓ Open questions
📈 Success Metrics
Metric Title | How to Measure: | Success Criteria: |
---|---|---|
Insights
1️⃣ Stakeholder Interviews
[Document here the main insights from interview if applicable]
2️⃣ Analytics
[Document here the main insights from analytics if applicable]
3️⃣ User Research
[Document here the main insights from research if applicable]
Add Comment