Amidst sprawling campuses and multiple departments that each behave as individual merchants, high education institutions face another challenge: customer data portability. There is still a good number of payment processors and gateways that do not allow merchants to port credit card data that has been stored. As you can imagine, this can cause real problems for merchants within a college or university.
If one or more of those merchants wants to move to another provider, the ability to port credit card and other relevant information is critical. Whether you want to switch for customer ease of use or because you’re able to secure a better deal, the inability to port customer data to a new provider can result in processor lock-in, and the results can be damaging.
Background on Credit Card Portability
Portability has become a bit easier in part due to the Credit Card Data Portability initiative, which was started by Braintree in 2010 and modeled after the 1996 Telecommunications Act. The latter was enacted to enable people to retain the same phone number if they changed phone companies. Similarly, the Credit Card Data Portability initiative has three primary goals:
- Avoid processor/provider “lock-in” where merchants are tied to one provider for storing credit card and transaction records.
- Enable secure data transfers via standards-based processes that are PCI compliant.
- Foster the principles of fair competition
Porting Customer Data to New Providers Can Be Tricky
Even for those who can port customer data to a new provider, the process is complex and involved. Migration of data is more complicated than a simple import of customer data. To start, a merchant must first be vetted by a new provider, which may include a business model review, risk review, and compliance evaluation.
From there, merchants must partner with a technical integration resource from the new provider to begin the export and import process — a process that must follow PCI compliance protocol every step of the way. Your new provider receiving the information will typically need to provide a recent PCI-Compliance Attestation of Compliance (AoC) certificate before they can import the data. Then, there is the coordination of knowing which SFTP location to deliver the information.
Why Working With Payments Experts is Key
While the Credit Card Data Portability Standard does much to enhance available processing options for merchants, it does not change the fact that porting credit card data is a complex task. Credit card data is sensitive and requires the highest level of security, which can make the migration of this data an especially complex task that requires fluency in PCI compliance.
What’s more, the difficulty of porting data between gateways or processors varies depending on where the data is coming from and where it’s going. Some processors may not have the ability to port all of the data, and oftentimes, processors and gateways that are easiest to set up are the hardest ones from which to extract data. This can make it exceedingly difficult for merchants who are growing and need to explore better, more cost-effective solutions for payment processing.
Here’s the good news: Arrow Payments has deep experience in all things payment processing. We’ve worked with several of our clients to port customer credit card data between gateways and processors with success. Contact us today for a free consultation to learn more about how we might help you with your data migration needs.