Merchant Account Basics

There is a lot of confusion surrounding credit card processing and merchant accounts. Some of the most common areas of confusion are about the different types of organizations that sell the services, what entities actually process the transactions and the fees and pricing structures that continue to be the unsolvable mystery. I’m going to provide a broad industry overview that will hopefully help make sense of this complicated industry.

Merchant accounts are greatly appreciated by some and a necessary evil for others
Some merchants prefer accepting credit cards because they are a much more convenient and cost effective way of collecting payments from customers. Other merchants, while it still may be convenient, struggle paying the relatively high fees on their already thin margins. Either way, businesses can improve their situation by becoming better and more informed consumers of the services.

Providers of merchant accounts
If you want to get a new merchant account or switch from your existing provider, one thing is for sure, there is no shortage of companies that are anxious to try and earn your business. You can find merchant service providers by looking in the yellow pages, searching online, talking to your bank, or just wait for the next sales guy to either call you or walk into your business (which shouldn’t be long). The key is choosing the RIGHT provider for your business.

Not all merchant service providers are made equal
There are really two types of merchant service providers: processors and resellers (resellers are known in the industry as Independent Sales Organizations (ISO’s) and/or Merchant Service Providers (MSP’s)). Your first thought is probably that you would rather go with a processor to cut out the middle man, but I’ll show you why it’s not that clean cut. Before I started Braintree, I worked for a processor and saw first hand some of the limitations they had in providing solutions to merchants. I’ll provide more detailed descriptions of both and then offer an assessment of their differences.

1) Processors - Also known as Acquirers, processors are distinguished by their ability to actually process a transaction. To be a ‘processor’, a company must have the technical capability to receive transaction data from a merchant via a telephone line or the internet and then communicate with the appropriate financial institutions to approve or decline transactions. Processors must also be able to settle completed transactions through financial institutions in order to deposit funds into the merchant’s bank account.

The processing industry is highly concentrated with the top five processors maintaining over 65% of all transaction volume. The single largest processor is First Data, was just bought by KKR for 29 billion. Processors can be banks, like Fifth Third, or non-banks like First Data.

While processors do maintain a direct sales force of their own, they primarily work through ISO’s to acquire and maintain their merchant base. A processor’s business model is really one of economies of scale. They’re volume shops. They essentially outsource the sales function to ISO’s. I don’t have exact data on this but I would guess that over 80% of all merchants are working with an ISO.

Here is simple diagram of the transaction flow. I took the liberty of putting my company in the value chain, but because Braintree is an ISO, there is a processor behind the scenes doing the actual transaction processing. Because most everything is private labeled, it’s difficult for most merchants to discern whether or not their service provider is a processor or ISO. Be careful not to be improperly influenced by this. Most sales people try to use ‘we’re the processor’ line to gain additional credibility.

2) ISO’s - ISO’s resell the products or services of one or multiple processors. They can also develop their own or aggregate other value added products and services. ISO’s range from a little sketchy to best in class providers.

There are two types of ISO’s

a. Banks - Banks of all shapes and sizes are ISO’s. Wells Fargo, for example, is an ISO of First Data. Your local community and large regional banks are most likely ISO’s. Banks entered into the merchant services business because it was a natural fit with their product and service offerings. It’s a way to increase revenue per customer. Most, but not all banks, will private label the services so it’s difficult to distinguish if they are a processor or ISO. The benefit of working with a bank is that you can consolidate your financial services. The drawback is that you usually get ‘out of the box’ type solutions.

b. Non-banks - These types of ISO’s range from some of the most dynamic and capable providers to firms who don’t represent the industry very well.

Which to choose: Processor or ISO
With all providers, there are a few industry dynamics that make the landscape interesting. First, there are very low barriers to entry due to the lack of certifications, licenses, and capital requirements. Secondly, there really is no active regulatory body that oversees and enforces acceptable practices. So naturally, with these two market conditions, merchants need to be mindful and through in selecting a provider.

In comparing the two, ISO’s offer all of the products and services that processors do (because they are reselling) but processors can’t always offer the same products and services as ISO’s. This is because ISO’s can resell for multiple processors and can either develop their own technologies or aggregate solutions from other providers. ISO’s have largely been the most successful creators of value added services while most of solutions the processors develop are usually pretty clunky. ISO’s also tend to be smaller which usually (but not always) leads to better customer service.

As a plug for the processors, there are a few circumstances in which merchants must engage directly with a processor in order to get solutions that cannot be provided by ISO’s. For example, dynamic product descriptors are used by merchants that need to report multiple unique product identifiers along with the merchant’s name. Only one processor that I know of has this ability. I would also say that processors also have a lower propensity to unscrupulous behavior that is more common among ISO’s (bank and non-bank).

As for price, in most cases, there really is very little to no difference. One more thing I would call out on pricing is that no class of provider (including banks) has earned the reputation to be above the sneaky pricing tactics that have unfortunately come to be an industry standard.

I argue, and fully disclose my vested interest, that in nearly any situation a best in class, non-bank ISO can provide more value than a processor. For some other considerations about what you may consider when evaluating different providers, you can read How to choose a merchant service provider.

What your merchant account looks like will vary according to your business
The rates, terms, and conditions of your merchant account will largely depend on your type of business and the provider you choose. Business types are first divided into two buckets: card present (swiped) and card-not-present (non-swiped). Card present merchants, such as restaurants and brick and mortar retailers are low risk and have fairly simple needs. Card-not-present merchants are much more difficult because the risk level is substantially higher when people are transacting business via the internet, telephone, etc.

Other risk factors that will affect your merchant account is the types of goods that you’re selling, delivery times, whether or not a deposit is required, and about 20 other variables. Most underwriting groups use some sort of actuarial models to determine their guidelines.

To give you an idea of one risk merchant service provider face, here is an example. Let’s say that you sell $100,000 in books online. Within 24 to 48 hours of selling those items, the customer’s money is deposited into your bank account. If you take that $100k and skip town without shipping the books to the people who bought them, the merchant service provider is stuck with the $100k bill because customers are going to contest and win the charge with their banks. So for a few hundred dollars a month in revenue, the risk better be pretty manageable for the provider.

Filling out the paperwork to set up your merchant account
Most companies have a two page application that will require you to fill out both personal and business information. Many people are justifiably concerned about giving out personal information including their social security number. However, unless you are a publicly traded company, I don’t know of a merchant provider who will underwrite your business without it.

When asked why all of the personal information is needed, most companies will point to the Patriot Act that was passed in Congress shortly after 9/11. It basically requires all financial institutions, which include credit card processors, to collect specific identifying information about their customers. Click here for more information on this.

You will also as required to sign a personal guarantee before the application is approved. Most business owners will respond that they incorporated so that they wouldn’t have personally guarantee. The underwriter will respond by asking why they should have more faith in your business than you do. Both sides have valid points. I think that the issue boils down to whether or not the business owner will deliver the goods that payment has been received for. The personal guarantee is not so much useful in collecting money as it is as a deterrent against fraudulent and irresponsible behavior.

Be Careful
As you can see in this very high level introduction to the industry, there are a lot of complexities and much to learn. You can also read my post on Some advice to help you avoid common mistakes.