The Payment Card Industry (PCI) requires payment processors and merchants to meet certain Data Security Standards in order to protect consumers as well as merchants and payment processors. This leads to PCI Compliance, which you need to be familiar with if your business involves card payment processing. The state regulates PCI compliance, and merchant account providers can also set standards for data security, so it is important to be familiar with compliance standards. One of the biggest reasons for doing so is avoiding additional fees.
PCI compliance is important for data security, but it is also important for you the business owner for many reasons. Here at Moolah, we provide some of the best credit card processing for small businesses, and through our partnership with Authorize.net, provide free PCI compliance services. PCI compliance is important because PCI non-compliance fees can be charged when you or a payment processor don’t meet PCI compliance standards, which could cost you up to $100,000 a month. One quick and simple way to determine if you meet PCI compliance standards, you can fill out a Self-Assessment Questionnaire that will tell you if you are out of compliance. If you are, then it is important to get into compliance on your own or find a payment processor that is, because paying PCI non-compliance fees will not only hurt your budget but be fruitless, because it will not go toward you getting back into compliance.
Sometimes PCI compliance fees are passed on from the payment processor to the merchant, so it may benefit you to look for these types of fees when choosing your payment processing option. It is very likely that you will encounter a payment processor that will charge PCI compliance fees. Though some PCI compliance fees come with extras, not all will, so it is important to ask the payment processor you are thinking of working with about them to determine what you’re getting for your money.
Though not all payment processors charge PCI compliance fees, including Moolah, there are reasons many do. Some payment processors will run security scans for you, which could save you some work because these are required to be done by merchants at least quarterly. Some processors will provide liability insurance for data breaches. Some processors may also provide ongoing consulting for PCI compliance issues, and issues that come up, including changes to PCI compliance standards.
Payment processors get to determine their own fees for PCI compliance. These fees are calculated by determining what their fees are and if these fees include PCI compliance or not. If not, then processors will determine what they would like to add to their existing fees in order to account for compliance. There are four ways these fees may be determined: No fee without services, fee without services, fee with services, or no fee with services. The ideal payment processor will provide PCI compliance services without charging extra fees. Here at Moolah, we use Authorize.net, which provides PCI compliance help without charging additional fees. That is one of the many reasons that Moolah provides some of the best credit card processing for small businesses.
Thank you for scheduling. If you have any questions, please contact us at 800-625-1670.
A credit card surcharge is an additional fee added to a transaction when a patient chooses to pay with a credit card. The surcharge is intended to help offset the cost of credit card processing and applies only to eligible credit card transactions.
No. Debit card transactions may not be surcharged under any circumstances, even if the debit card is processed as a credit transaction or entered manually.
Yes. Credit card surcharges may not exceed the merchant’s actual cost of accepting credit cards and are capped at a maximum of 3% of the total transaction amount, in accordance with card-network rules and applicable law.
Yes. Card networks require clear and transparent disclosure of any credit card surcharge. Practices must notify patients through appropriate signage at the practice entrance, point of sale, and anywhere payments are accepted. If payments are accepted online, the surcharge must also be clearly disclosed on the practice’s website.
Yes. Some U.S. states and territories prohibit or restrict credit card surcharging. Practices are responsible for understanding and complying with their state’s specific requirements before implementing a surcharge.
No. While Moolah provides tools and general guidance to support credit card surcharging, compliance with all applicable laws and card-network rules is the responsibility of the merchant. Moolah does not provide legal advice and assumes no liability for a merchant’s compliance.
Most major credit card networks permit surcharging when done in accordance with their rules, but additional requirements or restrictions may apply. Practices should ensure they have completed all required network notifications and disclosures prior to enabling surcharging.
Failure to comply with surcharging rules may result in card-network fines, required refunds, or other enforcement actions. Practices should ensure they fully understand all applicable requirements before applying a surcharge.
Flex does not currently offer built-in support for credit card surcharging. If a practice chooses to enroll in a surcharge plan, payments would need to be processed through Moolah’s payment platform, which is designed to support surcharging and integrates directly with Open Dental.
If you are considering introducing a credit card surcharge for your patients, it is important to understand that there are specific rules and regulations that must be followed when enrolling in and operating under a surcharge plan.
This article provides a general overview of common surcharging requirements. This content is provided for informational purposes only and does not constitute legal advice. It is the responsibility of each merchant to review, understand, and comply with all applicable laws, card-network rules, and regulatory requirements, including notification timeframes, signage requirements, surcharge percentage limits, and jurisdictions where surcharging is prohibited.
If you are unsure about the laws or regulations applicable to your practice, you should consult with qualified legal counsel. Moolah assumes no liability for a merchant’s compliance or non-compliance with credit card surcharging rules or regulations.
Transparent Communication
Card networks, including Visa, Mastercard, Discover, and American Express, require merchants to clearly and transparently disclose when a credit card surcharge is applied.
Practices must clearly notify patients of a credit card surcharge through appropriate signage placed at the practice entrance, at the point of sale or terminal, and anywhere payments are accepted. If payments are accepted online, surcharge disclosures must also be clearly visible on the practice’s website. All disclosures must inform patients that the surcharge applies only to credit card transactions.
Surcharge Limits
Credit card surcharges must comply with both card-network rules and applicable law. The surcharge amount may not exceed the merchant’s actual cost of accepting credit cards and may not exceed 3% of the total transaction amount.
Card-network rules cap credit card surcharges at 3%, meaning that if a merchant’s processing costs exceed this amount, the excess portion cannot be passed on to the patient.
Network and State Restrictions
The major credit card networks, such as Visa and Mastercard, impose specific requirements related to surcharge limits, advance notification, and disclosure.
In addition, several U.S. states and territories regulate or prohibit credit card surcharging. At the time of writing, credit card surcharging is prohibited in Connecticut, Maine, Massachusetts, and Puerto Rico. Other states, including Colorado, Minnesota, Mississippi, New Jersey, and New York, impose restrictions on surcharge amounts or require specific disclosures.
If your practice operates in a state that restricts or prohibits credit card surcharging, you must fully understand and comply with those requirements before implementing a surcharge.
Debit card transactions may never be surcharged, even if the debit card is processed as a credit transaction.
Applicability
Credit card surcharges may be applied only to credit card transactions. Other payment types, including debit cards and alternative payment methods, are not eligible for surcharging.
Regulatory Compliance
Merchants are responsible for maintaining ongoing compliance with all applicable card-network and legal requirements. This includes meeting advance notification obligations, using compliant signage and disclosures, adhering to surcharge percentage limits, and respecting jurisdiction-specific restrictions.
By following these guidelines, dental practices can implement credit card surcharging in a way that aligns with card-network rules and promotes transparency with patients. Clear and upfront communication helps maintain patient trust and supports a positive payment experience.