ebay charging seller fees... to an expired credit card (and succeeding)?!

[eyiz]

The 3/4 digit code on the back of the card cannot be retained.

That may be a rule. But, not every merchant follows it.

Part of the PCI audit requires demonstrating that you don't store these.

That's interesting. Because Janelonline requires international customers to email the scans of their credit card, and the law requires also that they keep any emails used in business transactions around for a period of time, I think it may be 7 years.

So, which law do you think they keep, and which they break?

If they delete the email, they violate the law requiring them to keep this communication, but they'd be in compliance with the PCI rule.

If they keep the email, they violate the PCI rule, but then they are in compliance with the law requiring business to maintain a record of their digital communications.

So, what do they do?

[rbm]

For example, to order JBC tools from Janelonline, if you're outside the US, they ask for a photo or scan of the front and back of your card, which they keep as proof that the card holder placed the order through them. So, they keep every detail that can be seen on that card.

If JBC Tools does that, then you and other customers should report them to either their acquirer or to the Card Brand through your Bank.  That is a clear violation of Card Brand rules as well as PCI security standards, and they can get in big trouble for doing that ...  to the point that their privileges for accepting credit cards could potentially be withdrawn.

Another merchant trick that is against Brand rules is sur-charging.  This is where the merchant charges you 2% more for an order because you pay with a credit card, or they have a policy that they only accept a credit card if the order total is above a certain amount.  Both of these practices should be reported and you should refuse to comply with them if confronted at the time of payment.

[Richard Crowley]

That's interesting. Because Janelonline requires international customers to email the scans of their credit card, and the law requires also that they keep any emails used in business transactions around for a period of time, I think it may be 7 years.

So, which law do you think they keep, and which they break?

If they delete the email, they violate the law requiring them to keep this communication, but they'd be in compliance with the PCI rule.

If they keep the email, they violate the PCI rule, but then they are in compliance with the law requiring business to maintain a record of their digital communications.

So, what do they do?

Seems pretty simple.  They painted themselves into the corner by their unilateral policy "requiring" customers to send scans of the cards which contain information that is prohibited to store.  Therefore, they can simply comply by reversing their decision and not requiring a scan with prohibited data. 

I have been using credit cards for 4 or 5 decades and I have never had to send a card image to a vendor.  If they are they anal, then I will find a more reasonable vendor.

[eyiz]

Seems pretty simple.  They painted themselves into the corner by their unilateral policy "requiring" customers to send scans of the cards which contain information that is prohibited to store.  Therefore, they can simply comply by reversing their decision and not requiring a scan with prohibited data. 

But, they don't make anyone buy from them. This business of sending scans of credit card is only for foreign customers. Some re-sellers in the US wouldn't even deal with foreign buyers. And Janel has the best prices on JBC tools. So, you can go elsewhere and pay more, or subject yourself to their rules and get the discounts on the tools you need. What to do? For example, Howardelectronics will also sell the same JBC tools  to international customers, and they don't require any scans of your credit card, but then they have higher prices for all these tools. The customer can also buy direct from jbctools.com, who again, don't require all that data, but you pay full price for everything. It's not like there aren't any options, there are lots, you can choose.

If you report Janel to some authority, and there's an investigation, Janel might just stop selling to international customers. What to do?

 

http://www.janelonline.com/terms.aspx