Posted: by Bronte
How to Securely Collect Membership Fees in Your Nonprofit Organization
Nonprofit organizations can utilize many contribution sources other than donations to fund their activities. One such source is through a membership program that allows your most dedicated nonprofit donors a way to show their continued support. The membership fees collected serve as a predictable, recurring funding income. Payments such as these require a nonprofit credit card processing merchant account that is equipped with a virtual terminal for one time transactions as well as a continuity gateway.
Accepting Card Payments is Key
The economy is becoming cashless. So, as a nonprofit, it’s important to have ecommerce merchant services for the website and mobile/ wireless POS systems for in-person credit card processing. Without this enabled, you are severely limiting your ability to collect money to fuel your business.
But here is the twist. It isn’t so easy just implementing a merchant account and taking cards in the nonprofit industry. Nonprofits are considered high risk by many financial institutions. Banks and high risk payment processors have strict guidelines in place for measuring risk factors, and unfortunately, your business type poses too much risk to immediately accept. This process will instead take a few days to apply and hear back as the supporting bank reviews your company and underwrites your merchant account. But in some cases, processors such as Paypal and Square, won’t even consider working with nonprofits.
This is why it is so important to research and choose a payment processor that has expertise with nonprofits and recurring revenue businesses. Let’s break down how your nonprofit can collect membership fees securely to ensure that your members have peace of mind.
How Payment Processing for Nonprofit Works
To put it into the simplest terms, a payment processor enables you to collect your donor’s financial information so that you can use it to fund a donation, fee, etc. This job is handled on the back end once the donor provides their information. The security of a member’s payment information should be a top concern for a nonprofit. Take into consideration what security measures your nonprofit merchant services provider implements such as PCI compliance and fraud detection.
Now, let’s look at how a nonprofit membership payment is processed in just four steps:
1. Your new nonprofit donor purchases a recurring membership online.
This transaction requires the donor to enter their debit or credit card information to start the payment process. This could occur through your online payment gateway, mobile app, or an over-the-phone service. There are different options for ecommerce, MOTO (mail order, telephone order), and mobile transactions. But no matter how you decide to start the collection process, the intention is to begin the membership process with a donation.
2. Donation information is verified and sent through the payment gateway.
To prevent merchant services fraud activity, the debit or credit card information will be captured through the payment gateway. This way the account number and amount is verified between your bank and theirs.
This happens instantly so that the nonprofit donation will get verified for approval or rejection. Once the information is confirmed to be accurate, the payment processing will continue to the next step.
3. The donation information is sent to the nonprofit merchant account.
A verified payment card will initiate the transfer between the donor’s credit or debit company and your merchant account. A merchant account is similar to a bank account with the exception that it charges a rate that your nonprofit pays for a transaction. Only credit card donations can be held in these merchant accounts. Depending on the card type, date and time of purchase, and how your account is set up, you will have access to their initial donation within a few days.
4. Your donor’s information is sent to a database for recurring payments.
Online donation information that your nonprofit account collects will go directly to your donor database. This information generally includes your donor’s name, email address, phone number, and card information. Each time your nonprofit donor is supposed to be billed for their membership, their card information will be re-verified and charged.
Doing this automatically makes your life easier because it is a set it and forget it tactic. It also helps your donors to stay continually supportive of your cause without the hassle of typing in card information every time.
Security Features in Your Merchant Account
The sensitive payment information that is passed from your donor to your payment portal could be breached by hackers more easily if there are no safeguards. Your payment processor should have security features to protect your donor’s personal data.
One such security feature is called tokenization. Payment processors are required to use this security measure by the Payment Card’s Industry. With tokenization, the credit card numbers and other sensitive information is turned into a string of alphanumeric symbols by the payment processor.
Encryption is another security measure that is used by payment processors. Sensitive data which is called “plaintext” is turned into “ciphertext” that can only be opened with the correct “key” This encryption key will only allow those who have it to read the information. Nonprofits should ensure that those who need access to this sensitive information understands the importance of not sharing the encryption key.
There are also other security features that can help keep your nonprofit donations safe which your payment processor may offer. Some of these security features examples include the following:
- Bank Identification Number (BIN) Checking – This verification checks the bank account that is being used in the donation transaction to ensure it is from a legitimate source.
- Card Verification Code Requirement Capability (CVVS) – The 3 or 4 digit number associated with the account number is verified.
- Address Verification System (AVS) – Your donor’s address that is on file for the credit card is verified as the address they provided on the online donation page or other sources.
- Internet Protocol Blocking – Certain IP addresses that are known for being undesirable or hostile are blocked from making a connection.
PCI Compliance for Your Nonprofit Checkout Page
As online transactions started to become a popular payment channel, the Payment Card Industry (PCI) Security Standards Council saw the need for data security standards (DDS) to be established. In place to protect merchants and consumers, these security standards include a dozen PCI DSS compliance requirements.
Nonprofits must ensure that their process for accepting credit card donations are PCI DSS compliant. In addition to compromising your donor’s information, your nonprofit will face penalties and fees from processing out of compliance. This can also become an issue if the donor doesn’t feel safe. As soon as that happens they will abandon the transaction without a second thought.
These possible consequences highlight the importance that your nonprofit finds a secure credit card processing company. Your future members deserve the security that comes with PCI compliance and fraud detection. Find a high risk payment processor who can get you setup with a nonprofit merchant account. This way you can get up and running and do good for your cause.