Frequently Asked Questions

Get information about the topics that matter to you

Business Owners FAQs

Consumers enjoy the convenience of shopping with their preferred payment method. Acceptance of our card brands means increased sales and revenue and a better customer experience for your patrons.

An Acquirer is the merchant bank or financial institution that will process Discover network transactions.

The Acquirer determines merchant fees associated with Discover acceptance. Generally, they should be similar to those fees paid for acceptance of other card brands.

The Acquirer may determine to segment merchant fees by industry or merchant category. Examples of, Discover network categories include: Retail, Supermarket, Warehouse Club, Restaurant, Convenience/Quick Service, eCommerce/Card-not-Present, Automated Fuel Dispenser, Service Station, Lodging, Auto Rental, Passenger Transport, Government Services, Schools & Education, Insurance, Real Estate and Utilities.

Discover global strategic alliances open new opportunities for merchants to serve foreign customers as they travel to the U.S. You can open your business to worldwide spending opportunities with these global brands:

  • Diners Club International - 80+ Licensees, Upscale Customers
  • JCB - 3.4MM Japanese tourist spent $14.68Bn in 2010 in U.S.
  • Union Pay - 1MM Chinese visitors have spent $5Bn.
  • BCcard - 1MM+ Korean travelers to the U.S. in 2010 spent $3.4Bn.
  • DinaCard - Largest acquiring network in Serbia

Discover offers a variety of solutions to announce your acceptance of Discover at the door, point-of-sale, and elsewhere. Go to DiscoverSignage.com to order your free signage and supplies.

Cash at Checkout allows you to service customers by letting them get cash back at the register—even from credit cards. Cash at Checkout gives your cardmembers convenience, and leads shoppers to spend more than twice as much as the average ticket. With Cash Over, you can strengthen customer preference and build loyalty. Only Discover offers no fee Cash at Checkout on credit cards.

Discover Recurring Payments saves your customer’s time and hassle by providing an automatic payment method for recurring and installment charges. Bills are paid automatically, creating convenience for your customers and efficiencies for you. It’s also an easy way for your business to increase retention, improve customer satisfaction and reduce operational expenses.

Integrated Payment Providers FAQs

To ensure that your POS applications are fully enabled and compliant, simply:

Join:

Register for the VAR Connection
Check "YES" to the POS Testing and Non-Disclosure Agreement

Update and Test

Tell us about your application environment
Tell us about your update plan
Complete testing
Report results by emailing varconnection@discover.com

Tell us About Your Application Environment and Update Plan

Once this is complete, you will be ready to start running your tests. For each application that you will be testing, you will receive:
Test card numbers
Unique transaction amounts
The last part of becoming IIN (BIN) enabled and compliant is the results auditing phase conducted by Discover Network. We will review and confirm your test results, letting you know whether all or just some of your tests were successful.

In some cases, Discover is able to provide financial assistance to qualifying VAR partners. The purpose of this program is to help offset the operational costs of staying IIN (BIN) compliant. We understand the challenge of communicating the value of compliance and justifying the need for additional expenditures to your customers, so we are here to offer additional support.

Find out about the types of financial incentives that Discover can offer you and learn more about the qualification requirements today by sending an email to varconnection@Discover.com

It gives you the assurance that a Discover Global Network transaction will successfully route upstream to an Acquirer, Acquirer Processor or Merchant Processor for handling and routing to Discover Global Network through your POS applications and PC software.

The tests will only confirm successful transmission of a Credit, Debit and Prepaid Card running on the Discover Global Network. Check with your Processor to see if you are certified to support additional Discover Global Network products and features, including Cash at Checkout and Recurring Payments.

First, you will need to create a log-in, register for the VAR Connection and check, "Yes" to the POS Testing and Non-Disclosure Agreement. Then tell us about your application environment and your update plan, you will then be ready to test. You will also be able to request test card numbers and run your tests in a "live" environment with merchants.

If you test with merchants, you will know that a test was likely successful if you receive a decline message. Please remember that a decline message does not mean that your test was unsuccessful. It means that Discover Global Network successfully received your authorization and declined it.

When you conduct your tests with merchants, we will post your name on the IIN Enabled & Compliant Integrated Payment Provider List as soon as we are able to confirm that your tests were successful.

Please note that you will have to successfully test all of your POS applications and PC software for all IIN (BIN) Ranges in order to be included on the IIN (BIN) Enabled & Compliant Integrated Payment Provider List. Also note that every time a new set of IIN (BIN) requirements is posted by Discover Global Network, you will have to run another series of tests in order to stay compliant and keep your name on the IIN (BIN) Enabled & Compliant List.

Who should I contact with further questions?
Call 1-800-951-0633 or send an email to varconnection@discover.com if you have any questions regarding the tests or your test results.

The PCI Council has recently launched a new Qualified Integrator and Reseller (QIR) training and certification program. This program provides payment application developers, integrators and resellers with the tools to assist merchants and industry participants in their effort to install and configure validated PA-DSS payment applications in a manner that facilitates PCI DSS compliance.

To learn more about course information, training dates, and registration, click here.

Fraud and Security FAQs

It takes an assortment of tools to prevent fraud. Reading through the rest of the FAQs listed here will help you determine what your business needs to do to reduce your fraud risk.

Here are some guidelines for preventing Internet, telephone or mail order fraud.

We request that cardholders provide the following information during the order-taking process:

  • Cardholder name, exactly as it appears on their card
  • Card number
  • Card expiration date
  • Card Identification Data (CID): the three-digit number located on the back of the card
  • Card billing and shipping address (when necessary)
  • Cardholder telephone number

For each transaction, be sure to:

  • Validate the CID
  • Verify the cardholder's billing address electronically or via our address verification system (AVS)
  • Verify the cardholder's name, full billing address, email address, and phone number with the issuer, in real time, using our free fraud prevention solution, Verify+
  • Check your delivery service contract for who is responsible for merchandise not delivered
  • Require a signature for each delivery and keep all delivery records
  • Refund sales on the same card (if the sale is on a credit card)
  • Include your common DBA and customer service number on the customer's transaction receipt
  • Clearly communicate all delivery charges, restocking fees, or other fees
  • Clearly explain return policies and offer documentation of these policies with each sale
  • Document customer service efforts when working on chargebacks
  • Respond to all chargebacks
  • Require authorization for duplicate charges or installment plans unless otherwise stated

Do not use key card information to force through a sale for which you have received a declined response to your authorization request.

The following behaviors indicate higher-risk transactions. One behavior alone may not be a concern.

  • New customer attempts to make a large credit card transaction
  • Customer doesn't know the CID, indicating they don't have the actual card
  • Customer's address doesn't match the cardholder address when you're obtaining an address verification
  • Customer ships to an address other than the billing address
  • Customer tries lower dollar amounts when a decline message is received
  • Customer tries different expiration dates when initial attempts fail
  • Customer has difficulty supplying personal information
  • Customer repeatedly sends email messages requesting confirmation of shipment
  • Customer attempts to ship multiple orders using different cards to the same address
  • Customer attempts to purchase large quantities of a single item
  • Customer purchases several large-ticket items, which appear random
  • Customer calls a few minutes before closing and wants several large-ticket items
  • Customer splits up transactions to avoid paying import taxes or duty fees
  • Customer requests shipment to an overseas destination
  • Customer seems concerned about delivery time frames to overseas destinations
  • Customer attempts to place a large order using several credit cards to obtain the total authorization amount
  • Customer offers the phone number to an authorization center to speed up the credit card approval process
  • Customer has little regard for price
  • Customer shows little or no concern for return policies, manufacturer warranties, or rebates when purchasing in large quantities

Yes. These are a few of them:

  • Clearly identify your company name on your website—on each page if possible
  • Include your common DBA and customer service number on the customer’s transaction receipt
  • Offer a street or P.O. box address as contact information on your website
  • Offer a customer service telephone number
  • Clearly identify all features of a product or service
  • Clearly communicate all delivery charges, restocking fees, or other fees
  • Clearly identify your company’s return policy and shipping time frames, and offer documentation of these policies with each sale
  • Disclose your information security policies and processes

Tips for protecting customer information:

  • Truncate all credit card information
  • Avoid storing CID data in your records or within sales data
  • Secure your site
    • Store data securely
    • Protect your data with firewalls
    • Limit authorized use and require passwords
  • Avoid storing customer or credit card information on your web server

Refer to your Merchant Operating Regulations for further card-not-present (CNP) requirements for the submission of sales.

If there is a breach in your system, notify Discover Security within 48 hours by calling 1-800-347-3083 or emailing globalfraudsolutions@discover.com

The CID helps ensure that the cardholder possesses the card at the time of purchase. It may also help protect you against chargebacks in the event of a dispute.

Ensure that the proper person received the shipment by requiring documentation of delivery. In a chargeback dispute, you can then verify delivery information. Also refer to the requirements in the Merchant Operating Regulations, Section 4.

The best way to protect your business is to develop an information security strategy. The basics include but are not limited to firewalls, cryptography tools, and anti-virus software. The rule with data security is: you can’t be too careful.

  • Customer makes random purchases without paying attention to size, value, or price
  • Customer presents a card taken from their pocket instead of their wallet
  • Customer claims to have left photo identification at home or in the car
  • Customer arrives near closing time and tries to hurry you through the sale
  • Customer purchases a large item and refuses delivery
  • Customer displays no interest in the warranty on expensive items
  • Customer is slow and deliberate when signing the sales draft, perhaps because the signature is being forged
  • Embossed card is missing the stylized "D" character
  • Information has been altered (e.g., expiration date, card number, embossed name)
  • Signatures on the card, and the sales draft, are different
  • Validation date has expired
  • Ultraviolet image of the word "DISCOVER" is missing from the front of the card
  • Signature panel shows signs of tampering, or the word "VOID" is exposed by an erasure
  • The word "DISCOVER" or "DISCOVER NETWORK" in the signature panel is unclear or not tilted at the standard 20-degree angle
  • The hologram, or holo-magnetic stripe, is damaged or appears to have been tampered with

If a card's magnetic stripe can't be read, obtain an imprint of an embossed card. Ensure the imprint clearly shows the card number, expiration date, cardholder name, and stylized "D" character. Refrain from keying unembossed cards if you are suspicious.

Call 1-800-347-1111 and ask for a Code 10 authorization if you suspect a transaction is fraudulent.

Help protect your cardholders and your profits through our multilayered fraud prevention programs and services.

Card Identification Features—for Major Card Brands (#33844)

Card identification features for the major credit card types can help. Order them by contacting your acquirer.

Card Identification Data (CID)

The three-digit CID provides an additional layer of security to reduce authorization testing. The CID may also be entered into your point-of-sale (POS) system for a swiped or keyed transaction to further authenticate the validity of the card.

Address Verification Services (AVS)

To limit fraud on CNP transactions, we require merchants to capture the cardholder's address for verification.

Fraud Prevention Solution: Verify+

Enroll in our free fraud prevention solution, which compares the customer's full name, complete billing address, up to three phone numbers, and an email address with the issuer's records. You will receive an immediate match/no-match response from our website.

Address Change Notification (ACN)

Minimizes the risk of account takeover fraud. When supported by your acquirer or processor, merchants requesting an AVS are sent an ACN. The ACN indicates the number of days since the last cardholder billing address change (if the change was within the last 45 days).

Card Verification Value (CVV)

A unique value is encoded on the magnetic stripe of the card; the issuer provides it as protection against counterfeit cards.

Code 10: Suspicious Situations

Merchants who become suspicious during a card-present transaction can phone in a Code 10 authorization request, which alerts the issuer and protects the cardholder. Our automated authorization line will connect the merchant to the appropriate issuer.

100% Authorization Requirement

We protect profits by requiring authorization on all transactions.

Stand-In Functionality

Assists participating issuers with merchant authorizations when systems are down.

Fraud Prevention Seminars

Discover sponsors seminars and lectures on fraud prevention. To learn more, call 1-800-347-6634, or email us

Other Important Reminders:

  • Your authorization code does not eliminate the possibility of a fraudulent sale
  • You are the first line of defense against fraud
  • Discover is here to assist you in the fight against fraud

Discover Network supports efforts to combat misuse of intellectual property. If you are an intellectual property right holder and want to report a merchant violation of your intellectual property rights, email us at riskoperations@discover.com

Please include the following information in your email (if available):

  • A description of the alleged infringement, including the identity of the site allegedly engaged in the sale of illegitimate products and evidence proving the allegation
    • If only certain items on a website are alleged to be illegitimate, the request must clearly identify those specific products and their location on the website
  • Evidence that the illegitimate products could be purchased using a Payment System Operator's services, for example, by providing a screenshot of the Payment System Operator’s logo on the merchant website
    • Test transactions are helpful but not required
  • A copy of the right holder's cease & desist letter, a DMCA notice that the website operator is engaging in infringing activity, or an attestation that, to the best of the right holder's knowledge, the site isn't licensed or otherwise authorized to sell the alleged illegitimate products
  • Evidence demonstrating that the right holder owns a copyright or trademark in question

The Discover Information Security & Compliance (DISC) program helps implement and maintain efficient data security and procedures for its constituents and promotes the adoption of secure transaction processing of cardholder data on the Discover network.

As part of DISC, Discover partnered with other major payment card brands to form the Payment Card Industry Security Standards Council, LLC (PCI SSC). The PCI SSC launched on September 7, 2006, to manage the PCI security standards, which focus on improving payment account security throughout the transaction process. Discover is committed to the PCI security standards as the industry standards for the payment card industry. The DISC program promotes compliance to PCI security standards by helping safeguard cardholder data and limit data compromises.

To find out more, please visit the PCI SSC website

Merchants

In addition to requiring compliance to PCI security standards, Discover requires that each new implementation of payment applications by merchants, and their agents, is compliant with the Payment Card Industry Payment Application Data Security Standard (PA-DSS).

For a list of PA-DSS-compliant applications, or information on PA-DSS, visit the PCI SSC website

Acquirers & Service Providers

There are separate compliance requirements for acquirers and service providers. In addition to requiring compliance to the PCI security standards, Discover supports the PA-DSS and recommends that acquirers ensure that their merchants, service providers, and agents use payment applications that have been validated as compliant with PA-DSS.

For more information on PA-DSS, visit the PCI SSC website

ProtectBuy is a Discover Three Domain Secure (3DS) customer authentication solution. With ProtectBuy, both merchant and issuer can help mitigate card not present fraud risk and reduce chargebacks by verifying the customer’s identity at the time of the transaction.

As EMV reaches critical mass in safeguarding the card present space, fraudulent activity will migrate to card-not-present transactions, as already seen in Europe. ProtectBuy will help reduce the likelihood of fraudulent usage of payment cards.

Three Domain refers to the security from these three domains: 1.) Merchant/Acquirer 2.) Network 3.) Issuer. 3DS creates a secure pipeline across the three parties, which validate a consumer’s identity when they are shopping online.

ProtectBuy provides an additional layer of security so that both Merchants and Issuers can help mitigate card not present fraud risk and reduce chargebacks by validiating the customer’s identity at the time of the transaction. ProtectBuy improves customer confidence in online shopping and provides a simple, easy cardholder experience.

ProtectBuy uses risk-based authentication. Simply put, we will analyze the customer behavior and only challenge the riskiest transactions. Previous versions in the market would challenge every transaction, which led to shopping cart abandonment and a poor customer experience.

The customer will receive a one-time password via text or email, which is to be used in the ProtectBuy pop up on the merchant’s page. By doing this, a customer does not have to remember user names, passwords, or answers to security questions.

Please contact your Discover Account Executive for more details around timing and how to begin the integration process or email us at protectbuy@discover.com.

Or you can enroll here >

Have More Questions?

We’re here to help. Reach out to us for additional information about acceptance, IIN BIN compliance, products and solutions or fraud prevention.

Contact Us