LimeLight setup to stay compliant with MasterCard regulations

Watch the Webinar by LimeLight

MasterCard Compliance Webinar Recording 4/9/2019

LimeLight setup to stay compliant with the MasterCard regulations:

In order to remain compliant with the new MasterCard regulations in effect on 04/12/2019 (AN2202)  you will need to make some changes to your API calls and add some extra configurations to your LimeLight platform listed in the steps below.

Currently the LimeLight platform is set up to automatically require consent for any MasterCard initial order processed through an NMI Paysafe Processing Continuity gateway profile. These transactions will not rebill until consent is received from the cardholder.

  • Free Trial 5968 merchants not using the NMI PaySafe gateway
    • If you are a free trial 5968 merchant using another gateway/processor, you will have to pass the consent_required=1 parameter in the NewOrder API call for MasterCard transactions.
    • For more information please refer to our API documentation: Navigate to API > Orders
  • Merchants using the NMI PaySafe gateway with subscriptions that are not free trial transaction
    • If you are on NMI Paysafe and experimenting with straight subscriptions, you will need to reach out to PaySafe to discuss your processing options.

Disclosure of offer page information. Transactions must include the Website URL where the cardholder requested the product.

  • NewOrder API requests must be updated to include the ‘website’ parameter.  
    • For more information  Please refer to our API documentation: Navigate to API > Orders > NewOrder

Note: To assist during the migration process, you can add your website ‘URL’ field in the NMI PaySafe Gateway profile. If a NewOrder call is received without the website parameter we will use the URL from the gateway profile. *This is not intended to take the place of the website parameter in the NewOrder API call

Trial Start Date and Duration: The trial period must begin on the date that the product is received by the customer.

  • Configure the trial duration with delivery time in mind. For example: if you are selling a 14 day trial and average delivery time is 4 days, then configure the trial duration as 18 days.
    • For Next-Gen: Navigate to Products > Offers > Click on the Offer name > In the Trial section: Click on the Custom Duration radio button in the Trial Duration sub-section > enter in the new trial duration to account for delivery time > Save. (Example A)
      • If using Delayed Billing; Select 'When to Charge' > Delayed Billing > Configure the Days to Delay duration to account for delivery time > Save (Example B)
  • Example A
  • Example B
    • For Legacy: Navigate to Products > Click on the trial Product name > Click the down arrow on Subscription to open the subscription section > Update Subscription Type field to ‘Bill By Cycle’ > Update the Days To Next Billing days to the new trial duration to account for delivery time > Save.

Rebill Consent: After the trial period for a product has ended, but before any rebill is initiated the merchant must provide subscription information and cancellation information to the consumer. The merchant MUST also get explicit consent BEFORE issuing the rebill.

  • Configure the Consent Notification Email Template.
    • Navigate to Settings > Email Templates > Actions > Add Email Templates > Select Consent Notification from the dropdown > Select Template > Customize your Consent Notification > Save. Be sure to add:
      • Alert Days (use 1 day to ensure you comply with “after the trial period has ended”)
      • Master Card as the Payment Type
    •  In the Template body you must include the following:
      1. You must add your specific cancellation instructions which includes a direct link to an online cancellation procedure on the website where the cardholder made the initial purchase (See Cancellation Policy below).
      2. You must add your merchant name as it appears on cardholders statement.
      3. {nextsubscriptiondate} token - The date in which the credit card charge will happen.
      4. {nextsubscriptionamount} token - The amount that the credit card will be charged.
      5. A standard {consent_url} and {consent_token} are included in the default template body (e.g. <a href="{consent_url}{consent_token}">Click here to opt-in to subscription</a>). Clicking the LimeLight hosted consent link will provide a generic message “Thank You, [customer name]. Your order has been updated. Your next billing will occur on mm/dd/yyyy”. However, if you prefer to use your own branded page/link you can add it to the template. Please refer to our API documentation: Navigate to Orders > Order Compliance Consent.
    • Configure the Consent Notification Email Trigger.
      • Navigate to Settings > Email Triggers > Actions > Add > Select Consent Notification > Configure the Name, Description, SMTP Profile > Select the Consent Notification created above > Add your list of BCC Emails that should also get the Notification (A record of the notification sent to your customer must be retained for one year - See #4 Storage of transaction receipt below) > Publish > Save
    • Add the Notification to the trial product.
      • Navigate to Products > Products > Click on the trial product name > Select Custom Notifications in the Parameters section > Click the down arrow on Custom Email Notification to open the section > Actions > Add > Select Consent Notification as the Type > Select the Trigger configured above > Save the product 
    • *To Add the notification to multiple products; Click the ellipsis on the on the Consent Notification email trigger > Select Add to Products > Select the products to apply the notification to > Save

 

  • Example of default Consent Notification and hosted consent page:
ConsentLinkAndResponse.png
  • 3 ways an order is updated as consent_received

    • The cardholder clicks the LimeLight hosted consent link in the Consent Notification email as described in the steps above.

    • Order Compliance Consent API POST when the cardholder clicks a consent link from your branded page. Please refer to our API documentation: Navigate to Orders > Order Compliance Consent.

    • A customer service rep clicks the ‘Consent Received’ on the Order Details page in the LimeLight platform when the cardholder give verbal consent.

                        Consent_link.jpg

Note: A customer service rep cannot update ‘Consent Received’ on the order details page until after the consent notification has been sent.

Cancellation Policy: The merchant must provide a direct link to an online cancellation procedure on the website where the cardholder made the initial purchase.

  • Configure the Consent Notification Email Template (Instructions listed in Rebill Consent above).
  • This online cancellation link must be provided by the merchant. LimeLight does not provided a hosted cancellation link. We only provide a hosted consent link if merchant chooses to use it.

Storage of transaction receipt: Acquirers will be required to monitor transactions to identify when the same cardholder account number is used across multiple MIDs. When this is identified the acquirer may require proof of each transaction.

  • Configure the Order Confirmation Email trigger.
    • Navigate to Settings > Email Triggers > Click the Order Confirmation name configured to your trial product > Add your list of BCC Emails that should also get the Notification > Save
  • Configure the Consent Notification Email trigger (See above).
    • Navigate to Settings > Email Triggers > Click the Consent Notification name configured to your trial product > Add your list of BCC Emails that should also get the Notification > Save.

Send receipt for all transaction attempts: Each time a merchant attempts a transaction, a receipt must be sent to the cardholder via email or other electronic means. The merchant must also provide instructions to cancel the subscription. For unsuccessful transactions,  the decline reason must be provided.

  • Configure the Decline Notification Email Template.
    • Navigate to Settings > Email Templates > Actions > Add Email Templates > Select Decline Notification from the dropdown > Select Template > Customize your decline template > Save. Be sure to add:
    • In the Template body you must include the following:
      • {declinereason} token - The decline reason provided by the gateway
      • {nextsubscriptiondate} token - The date in which the credit card charge will happen.
  • Configure the Decline Notification Email Trigger.
    • Navigate to Settings > Email Triggers > Actions > Add > Select Decline Notification > Configure the Name, Description, SMTP Profile > Select the Decline Notification created above > Add your list of BCC Emails that should also get the Notification  > Publish > Save
  • Add the Notification to the trial product.
    • Navigate to Products > Products > Click on the trial product name > Select Custom Notifications in the Parameters section > Click the down arrow on Custom Email Notification to open the section > Actions > Add > Select Decline Notification as the Type > Select the Trigger configured above > Save the product
  • Confirm that the Order Confirmation, Cancellation Notification, Return Notification and Void Notifications are all configured to your trial and rebill products.

Recurring Transactions: All recurring transactions at the same acquirer must be processed under the same MID that was used for the initial payment transaction.

  • Configure your Campaign.
    • Navigate to Products > Campaigns > Click on the campaign name > Select the NMI Paysafe Processing Continuity gateway profile that all initials and rebills should process through.  Only one gateway profile should be configured to each campaign, however, a gateway profile can be configured to more than one campaign.

Paysafe / MasterCard Audit Fields

Paysafe/MC Audit Field LimeLight Field / Data Element
merchant_identifier NMI Username from NMI Paysafe Profile
merchant_name Descriptor from NMI Paysafe Profile
merchant_website_url Website URL passed in to NewOrder or from NMI Paysafe Profile
customer_service_phone_number Customer Service Number from NMI Paysafe Profile
subscription_plan_id Unique ID assigned to trial/rebill/subscription order chain
trial_amount Order total for trial order
subscription_amount Order total for rebill order
token_value NMI Token generated for the NMI Paysafe transaction
product_description  Main trial product description
start_of_trial_date  Date of original trial order
end_of_trial_date  End of trial date
 start_of_subscription_date  Date of rebill order (depth = 1) associated to original trial order
 subscription_frequency  Frequency of subscription billing after rebill date (e.g. 30 days)
 proposed_primary_rebill_date  Date of rebill order (depth = 1) associated to original trial order
 proposed_secondary_rebill_date  Date of rebill order + 1
 nmi_transaction_id_trial  NMI transaction ID of the original trial order
 nmi_transaction_id_rebill  NMI transaction ID of the rebill order associated to original trial order
 transaction_status_trial  Status (approved or declined) of trial order
 transaction_status_rebill  Status (approved or declined) of rebill order
 order_id_trial  Order ID of trial order
 order_id_rebill  Order ID of rebill order
   
 Date of email notification  Date of email notification
notification_type  Order confirmation, Cancellation, Decline notification, Consent notification
 notification_method  email
 order_id  Order ID of trial or rebill order the notification was associated with
 nmi_transaction_id  NMI transaction ID of the trial or rebill transaction
 transaction_status  Status (approved or declined) of trial or rebill order associated with notification
 customer_name  Customer name on order that notification was associated with
 customer_email  Customer email on order that notification was associated with
 customer_phone  customer_phone
   
action_datetime  Date of consent or cancellation action
 action_type consent_received or cancel_subscription
 action_method  via API, call center (Lime Light UI), or email link click
 action_source  IP address that action_method came in from