3. When do my transactions get funded?
Usually within two business days after you submit your batches to Flagship.
4. Can I be approved if I have bad credit or no credit?
We maintain one of the highest approval rates in the industry. With our free application you have nothing to lose.
5. What do I get with an Internet merchant account?
You get four things:
A Flagship Merchant Services merchant account to accept major credit cards.
A First Data Global Gateway API Secure Payment Gateway script to integrate into your Web site so your customers can make purchases directly off your site 24 hours a day without you having to run the transaction manually. to link to your web site.
24/7 toll free customer and technical support along with a dedicated web site called Mymerchantoffice®.com where you can review all of your transactions, run reports and download your monthly statement.
6. Do I need a shopping cart for my Internet merchant account?
No, we provide you with code that passes your customer's information to our gateway. However, merchants that have a large number of products may find it easier to use a shopping cart. If you only need a virtual terminal then you don't need a shopping cart.
7. What if I need help with my account?
Flagship Merchant Services customer service representatives are available to serve you 24 hours a day, 7 days a week. In addition, Mymerchantoffice.com, is a dedicated Web site, allows you to access your merchant account information online at any time, from any location.
9. Will I be trained to use the credit card terminal?
Yes. Once you receive your credit card terminal a representative of Flagship will train you on how to use the terminal. In addition, we provide a toll-free customer service number you can call 24 hours a day, 7 days a week, so you can get help at any time.
10. What types of merchants does Flagship Merchant Services approve?
Flagship Merchant Services processes credit and debit card transactions for thousands of traditional and Internet businesses. Whether you are building an e-commerce Web site, a traditional retail business or a mail order/telephone order business, you will want to open a Flagship Merchant Services merchant account, which enables you to accept payments for customer purchases.
11. How long before I can start accepting credit cards?
Merchant accounts are generally approved within two business days and merchants can process the next business day.
12. I'm not sure what terminal, equipment or software is best for my business?
Please consult your Flagship agent regarding the various options available.
13. How does First Data Global Gateway API integrate with my Web site?
To manually enter credit card transactions, you do not need any additional integration. You log on to a Web site and complete the credit card transaction using your First Data Global Gateway Virtual Terminal. In addition, to enable your customers to make purchases right off your Web site, we give you API script to integrate into your Web site. Your customers will then be able to make purchases from your site 24 hours a day. When they do make purchases, you and your customer will receive an e-mail detailing the transaction.
14. How is Flagship Merchant Services allowed to process credit cards?
Flagship Merchant Services is a registered ISO/MSP for clearing and settlement institutions that sponsor Flagship Merchant Services to enter MasterCard® and Visa® transactions into the interchange system.
15. How do I get my money?
There are four steps to getting your money; 1. Initiating, 2. Authorizing, 3. Completing the transaction and 4. Receiving your funds.
Step 1-Initiating the transaction to verify that a card is active and within the approved spending limit:
Brick-and-mortar and retail or restaurant environments-swipe the card or key in the number through a point-of-sale terminal (i.e., card is physically present).
Mail order/telephone order environments-enter the card identifiers the customer has provided you by mail, telephone or fax (i.e., the card is not present).
Internet environment-Customer provides your Web site with card identifiers (i.e., card is not present).
Step 2-Real-time authorizing, which reduces chargebacks and catches card-entry errors:
Credit card number is entered.
Terminal or software transmits the credit card number and expiration date and sales total to Flagship Merchant Services.
Flagship Merchant Services transmits data to customer's credit card-issuing bank.
Customer's issuing bank approves or declines the transaction.
Step 3-Completing the transaction:
Merchant's terminal or software transmits transaction details to Flagship Merchant Services in a batch at the close of the business day.
Flagship Merchant Services forwards transactions to each credit card company, which redirects the transactions to appropriate banks.
Bank debits credit cardholder's account and credits Flagship Merchant Services.
Step 4-Receiving your funds:
Flagship Merchant Services credits your merchant account, usually within two business days.
16. How is my money protected?
Flagship Merchant Services is equipped to address the key protection issues of both traditional and Internet merchants, including fraud, loss prevention and chargebacks. Flagship uses state-of-the-art security technology, and the First Data Global Gateway uses Secure Sockets Layer (SSL) technology-designed to help protect merchant and payment information.
18. What is your return policy?
Flagship Merchant Services Return Policies – Because the prices we offer our merchants are normally lower than our competition offers, Flagship Merchant Services has a strict policy of only selling equipment to our merchants who use our credit card processing services. We reserve the right to refuse sales to merchants who do not have a merchant account with our company and to any resellers.
Flagship Merchant Services will handle replacement and warranty service for the first thirty days after purchase. All equipment purchased through Flagship Merchant Services comes under manufacturer warranty.
After thirty days, we help our merchant contact the manufacturer for service on all warranties.
Flagship Merchant Services offers a terminal replacement program for $9.95 per month as an extra level of protection for the credit card machines we sell. This coverage is only available at the time of purchase. Merchants that have signed up for our terminal replacement program should call for immediate service on their equipment.
New/Unopened equipment may be returned, at the merchant’s expense, within the first thirty (30) days of purchase. (A restocking fee of 15% to 25% of the purchase price will be applied to the return.)
Any equipment not returned in the original packaging with all cords, parts and manuals will be refused and returned to sender without a refund.
Software, all Internet gateway license fees, and any set-up fees sold through Flagship Merchant Services, cannot be returned for a refund.
19. What is PCI DSS?
The Payment Card Industry (PCI) Data Security Standards (DSS) is a set of requirements for enhancing payment account data security. These standards were developed by the PCI Security Standards Council, which was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa, Inc. to facilitate industry-wide adoption of consistent data security measures on a global basis.
20. I have never heard of PCI Compliance before, is this new?
No. Merchants have been advised to take the PCI self-assessment and be compliant for the past 3 years. The framework of the PCI data security standards has existed in different forms for some time now and continues to evolve. You may be more familiar with the payment brands' programs that promote the implementation of the PCI DSS.
MasterCard®: Site Data Protection (SDP) program
Mastercard.com/sdp
Visa®: Cardholder Information Security Program (CISP)
Visa.com/cisp
Discover® Network: Discover Information Security & Compliance (DISC)
Discovernetwork.com/fraudsecurity/disc.html
American Express®: Data Security Operating Policy
AmericanExpress.com/datasecurity
21. What am I required to do to certify my account is PCI compliant?
The minimum requirement is that you complete a PCI DSS self-assessment questionnaire on an annual basis. If you electronically store cardholder information or if your processing systems have any internet connectivity, a quarterly scan by an approved scanning vendor is also required.
22. I only process a few hundred dollars a month. Does my merchant account still need to be PCI Compliant?
Yes, all merchants, whether small or large, need to be PCI compliant. The payment brands have collectively adopted PCI DSS as the requirement for organizations that process, store or transmit payment cardholder data. Inherent in having a merchant account is the ability to handle cardholder data.
23. I'm a seasonal merchant that only processes three months out of the year. Does my merchant account still need to be PCI Compliant?
Yes, all merchants, whether small or large, need to be PCI compliant. The payment brands have collectively adopted PCI DSS as the requirement for organizations that process, store or transmit payment cardholder data. Inherent in having a merchant account is the ability to handle cardholder data.
24. I’m already using a “PCI compliant” terminal/gateway. Why do I have to have my account certified for PCI compliance?
The PCI Security Standards Council has various requirement programs. The Payment Application Data Security Standards (PA-DSS) is a set of requirement to help software vendors and others develop secure payment applications that do not store prohibited data such as full magnetic stripe, CVV2 or PIN data, and ensure their payment applications support compliance with the PCI DSS.
Use of a terminal/gateway that runs PA-DSS certified software is one of many components that are evaluated in the assessment of an account's PCI DSS compliance.
25. What is an approved scanning vendor?
An approved scanning vendor is an organization that validates adherence to certain DSS requirements by performing vulnerability scans of a merchant's internet-facing systems.
26. Who should I contact for support in becoming PCI DSS compliant?
First Data Independent Sales (FDIS) has partnered with Security Metrics, Inc. to help you evaluate the status of your account, to assist with any necessary remediation efforts and to certify your account's PCI compliance. You can reach Security Metrics by calling (800) 557-4684 or by going to their website, www.securitymetrics.com. Be sure to identify yourselves as a merchant of First Data Independent Sales.
27. How do I identify myself as a First Data Independent Sales merchant to Security Metrics?
If you call Security Metrics, you can tell the representative directly. The representative will ask you for the last six digits of your (12-character) merchant account number. If you enroll with Security Metrics online be sure to select "First Data Independent Sales" from the Acquiring Bank field drop-down menu on the Purchase Information screen. You will then be prompted to enter the last six digits of your (12-character) merchant account number and zip code.
28. Why should I identify myself as a First Data Independent Sales merchant?
FDIS has negotiated preferred rates with Security Metrics. By identifying yourself as a FDIS merchant, you become eligible to receive these preferred rates.
29. Is there a fee for Security Metrics' services?
Yes, but if you have already paid the $99.00 PCI fee which was billed to you by FDIS, then you will not have to pay any additional fees to Security Metrics for the calendar year. FDIS has negotiated this reduced fee as a cost savings for all FDIS / Flagship merchants.
30. Will I be provided with anything that I can display to my customers showing that I am a PCI compliant merchant?
Yes. Upon completion of your certification Security Metrics will send you a certificate of compliance, and if requested, a logo to display on your website.
31. Do I have to use Security Metrics?
No. There are over 130 approved scanning vendors. You are free to choose to certify with any vendor you like. However, if you choose to certify with another vendor you will be responsible for paying the full cost of the PCI Compliance analysis to that vendor. A list of approved vendors is available on the card association web site or at pcisecuritystandards.org.
32. What if I have already performed my PCI Compliance self-assessment questionnaire (and applicable quarterly scans)?
If you have been PCI DSS certified within the past several months or you choose to use another card association-approved scan vendor, please submit all of your certification documentation to us so that we know your account is currently PCI compliant. You can send us your information via email to pci.validation@firstdata.com or fax to (954) 509 4051.
33. Can I choose not to certify for PCI Compliance?
MasterCard and Visa require all acquirers to report on the PCI Compliance of their merchants. If you choose not to complete the self-assessment questionnaire you may overlook certain data security practices that minimize your risk of a security breach. In the event that your business is compromised, you may be subject to fines of up to $500,000 per payment brand. These fines would be in addition to the expenses and fraudulent transactions resulting from the breach.
In light of the importance that data security has to the payment processing industry and consumers at large, FDIS may also begin imposing a fee for each month that your account has not been validated as PCI compliant or in any given month your account is deemed noncompliant. FDIS will provide you with appropriate notification prior to the implementation of such a fee.
34. How long is the PCI compliance certification valid?
The PCI compliance certificate is valid for one year from the date the certificate is issued you are required to complete the PCI DSS self-assessment questionnaire on an annual basis.
*Important* Your merchant account is bound by the terms and conditions of the merchant agreement and is not subject to the return policy.
