Compliance Notices

Card brands introduce ongoing technical and business enhancements that may affect the way you accept card payments. As a merchant, you are required to follow the procedures set by them. These enhancements may require you to review your operating procedures, and modify them as necessary by the required implementation date. Below is a list of current compliant releases.

Compliance Notifications

  • Visa is introducing a new purchase return authorization mandate that will affect all merchants that process customer returns. Currently, Moneris authorizes merchant returns on behalf of Visa and the card issuer. Effective 28-Aug-2018, Moneris will send return authorizations to Visa and the card issuer for all such transactions.

    You are not required to take any action for these changes to take effect.

    The new return authorization messages will enable issuers to update cardholders’ online banking statements in real time. This new flow of information on returns is intended to enhance cardholder confidence in the payments system, as the information they receive on purchase returns will better align with what they see on purchases.

    For merchants, real-time issuer account validation may offer a number of key benefits:

    • Improved customer experience and satisfaction
    • Fewer customer service inquiries due to a lack of real-time information regarding returns
    • Help reduce or minimize related chargebacks related to the timing of posted return transactions

    As a part of this change, merchants may receive decline messages for return authorizations. The possibility of declined returns is expected to be minimal. If a return is declined, merchants may choose to offer the refund credit to another Visa account or offer the credit in an alternate form such as cash, in-store credit or prepaid card. In doing so, merchants should ensure that evidence of the declined return is retained in case of a future dispute.

  • Effective December 31, 2018, UnionPay International (‘UnionPay’) is introducing a new series of Bank Identification Numbers (BINs) that begin with ‘81’ (e.g., 810000-817199), as well as expanding all BINs to eight digits (‘8-digit BINs’). To avoid any disruption to your business, you will need to apply the following updates to your systems.

    If you are using a Moneris® standalone payment solution, you are required to:

    • Activate UnionPay 81 series BIN changes on your POS device(s) by reinitializing your terminal. In the event that you do not re-initialize your device by December 31, 2018, the terminal will prompt you to do so.

    If you are using a Moneris® integrated or ecommerce payment solution, you are required to:

    • Contact your integration partner, web developer and/or internal IT department to test your payment application and confirm the POS is certified by the December 31, 2018 deadline.
    • Moneris has made UnionPay 81 series and 8-digit BINs available in the production environment for POS testing.

    As per UnionPay card acceptance policies:

    • All point-of-sale terminals must support the UnionPay 81 series BIN standards.
    • Both card present and card-not-present POS environments (including hard-coded ecommerce sites) must be equipped to recognize and process 81 series BINs, following the same logic and handling as transactions made with Primary Account Numbers (PAN) in the ‘62’ series today.
    • Back office reporting systems must be able to recognize 8-digit BINs in all occurrences where the 6-digit BINs used by card brands today are reported.

    UnionPay will be monitoring BIN acceptance rates and may impose non-compliance assessment fees to businesses that are unable to accept 81 series and 8-digit BIN cards by the December 31, 2018 deadline.

    For businesses using a standalone payment solution, please contact the Moneris Support Center at 1-866-319-7450 with your questions. If you are using an integrated payment solution, please contact your POS integration partner for assistance with re-initializing your payment processing application(s).

  • (UPDATED March 2019)

    On April 12, 2018, Visa® and Mastercard® implemented policy changes to improve card security and further reduce fraudulent transactions and chargebacks in Canada. This will impact the way merchants accept card present (CP) and card not present (CNP) payments for domestic and international transactions.

    Fallback (Visa and Mastercard)
    Visa and Mastercard are enacting a ‘no fallback’ policy for CP transactions, which means that merchants will need to request an alternate method of payment if a customer’s Chip & PIN transaction fails, as the card will not ‘fallback’ to the magnetic swipe. These changes took effect April 12, 2018 for domestic transactions on both card brands, and October 12, 2018 for international transactions using Mastercard.

    CVV2 (Visa only)
    Visa introduced a requirement on October 14, 2018 requiring telephone order and e-commerce merchants to capture CVV2 at checkout and include it in the authorization request. This rule does not apply to (updated March 2019):

    • A transaction that uses a stored credential
    • A transaction initiated with a payment token
    • A transaction in which a paper order form is used
    • A transaction involving a recurring or installment payment (second and all subsequent transactions)
    • A transaction conducted through a digital wallet such as Visa Checkout
    • A transaction originating from an indirect sales channel
    • A delayed charge transaction
    • A transaction involving an incremental authorization request
    • A MO/TO transaction where the CVV2 is captured manually and provided in written format
    • A transaction that received a decline response and is resubmitted for authorization, as specified in the Visa Rules (ID#: 0006007)

    Merchants using the Moneris Gateway are required to make changes to enable CVV2 information capture at payment checkout. Affected services include:

    • Moneris API
    • Batch submissions
    • Hosted Pay Page
    • Hosted Vault
    • Virtual Terminal
    • Merchant Resource Centre
    • Hosted Tokenization

    Moneris has activated Card Validation Digits (CVD) and Address Verification Services (AVS) for all Gateway Merchants effective May 15, 2018 at no additional fees or costs.

    For details on required changes, please see: www.moneris.com/VisaCVD.

    Stored Credential Transaction Framework (Visa and Mastercard)
    Visa and Mastercard are updating their security policies for CNP transactions, beginning with the introduction of the Stored Credential Transaction Framework on October 12, 2018, which outlines the requirements for initial storage and subsequent use of payment credentials.

    For more information on the respective changes announced by Visa and Mastercard, please visit:

    Visa: Moneris.com/VisaSecurity
    Mastercard: Moneris.com/MCSecurity

  • Effective April 13 2018, Visa will be implementing the Visa Claims Resolution (VCR) initiative to reduce the number of chargeback disputes and improve the overall efficiency of the dispute resolution process. Information on upcoming changes related to the VCR initiative has been provided below.


    Reduced Resolution Timeframes
    Chargebacks can typically take anywhere from 46 to 100 days to resolve, depending on their complexity. Visa is streamlining their chargebacks dispute process by eliminating any extra touch points and exchanges of information between parties. Reducing the time and resources it takes to resolve disputes will benefit merchants, issuers and cardholders alike.

    Merchants will now be asked to respond to chargeback disputes within seven calendar days from the date of notice.


    Changes to Chargeback Reason Codes
    The current list of 22 Visa chargeback reason codes will be replaced with new values and grouped into four new categories of disputes: Authorization, Fraud, Processing Errors and Consumer Disputes. For a full list of the new Visa chargeback reason codes and their corresponding dispute categories, please visit the Moneris chargebacks page.