|
The way I read CCBill's notice, you can't offer the two step join process because Mastercard doesn't think you have a right to the customer's address. I have no idea why this is the case, as that information can limit fraud, but then again, Mastercard profits from fraud.
I can envision the two step join to have to go to three:
Step 1 - Email address, and card type.
Step 2 - Everything else except card number, expiration, and cvv2.
Step 3 - Actual card information.
This could be good because you could even do an initial screen based on their email address.
This should satisfy Mastercard because if their transaction is mastercard, you would pick your third party at step 1, and then route the transaction straight to the third party at step 2 so you don't harvest their information. If the card is mastercard you would only have a two step join.
But what do I know?
|