Introduction - bpbetter.com

Transcription

Introduction
BP Payment Guide
BP Network (with EPS)
General Information
Welcome to the BP Payment Guide (“Guide”). The Guide contains the information and the requirements for
processing payments at your Approved Retail Sites using the Electronic Payment Server (EPS).
PLEASE NOTE THAT IN ORDER TO RETAIN EPS PAYMENT PROCESSING AT YOUR SITE, YOU MUST
COMPLY WITH THE GUIDE AND ANY FUTURE UPDATES. REVISIONS WILL BE POSTED ON THE BP
PORTAL AT WWW.BPCONNECTION.COM. IT IS YOUR RESPONSIBILITY TO REVIEW ANY AND ALL
UPDATES AND TO REMAIN IN FULL COMPLIANCE.
BP RESERVES THE RIGHT TO DISABLE YOUR ABILITY TO PROCESS USING THE EPS WITHOUT
PENALTY IF BP REASONABLY BELIEVES YOU ARE IN VIOLATION OF ANY TERM(S) OF THE GUIDE.
Please use the Table of Contents to help you navigate through the Guide. The Guide provides processing
information for BP Proprietary and Third Party Credit Cards, Debit Cards, cents-off-per-gallon Price Rollback
Cards and Codes, BP Driver Rewards, and BP Gift Cards. The ability to process all cards is site specific.
Authorization and processing procedures contained in the Guide apply to each and every site that is processing on the
BP Retail Network. Authorization and processing procedures contained in the Guide that relate to BP Credit Cards are
applicable to all Approved Retail Sites (herein “Sites”). The required acceptable forms of payment are listed in Section
3.0 of the Guide.
To view an electronic copy of the most updated version of the Guide:
Log on to www.bpconnection.com
Select “Programs”
Select “Card Operational Resources”
Select “Payment Guide” heading on the left hand side
(Please note that the location of these manuals may change.)
Please note that the Guide will be updated from time to time in one of two ways: (1) electronically and/or (2) by hard
copy inserts. As a result, Marketers have a duty to read all electronic and hard copy communications and to review
www.bpconnection.com daily.
To order additional hard copies of the Guide or the Wall Chart:
Call the GBS-a at 1-888-274-3578, Option 5, 3, 1
Reference product code #BPPAYGUIDE or #BPWALLCHART
This Guide and the materials contained herein are the property of BP and are considered confidential and proprietary.
Part No. bppg 3.3_November2013
Table of Contents
!
!
2
Important
Important
1.0
Securing Cardholder Information
Refer to this section for an explanation of your responsibilities for, among other things, safeguarding
cardholder account information. Please carefully review the Legal Notice.
2.0
Fraud
Refer to this section for applicable information as it relates to the fraud procedures.
3.0
Acceptable Payment Methods
Refer to this section for all acceptable forms of payment and the corresponding authorization requirements.
4.0
Card Processing
Refer to this section for specific information about the card processing system.
5.0
Payment Card Settlement
Refer to this section for information on the differences sites will see in relation to Settlement Reports with
the EPS system.
6.0
Contracts
Refer to this section to understand the importance of your contracts with BP.
7.0
Sales Authorization
Refer to this section for step-by-step instructions for processing payments and work authorizations.
8.0
Paper Ticket Processing
Refer to this section for information on manual imprinter equipment, processing paper tickets and submitting
paper tickets for reimbursement.
9.0
Debit Cards
Refer to this section for debit card acceptance, transaction and processing tips.
10.0
BP Gift Cards
Refer to this section for acceptance, activation and processing procedures for the BP Gift Card and FuelCircle.
11.0
RFCO/Chargebacks/Credit Card
Refer to this section for tips on how to help avoid unnecessary chargebacks by processing your
paperwork correctly.
12.0
Commercial Cards
Refer to this section for information pertaining to BP and third party Commercial Cards.
13.0
BP Pump Rewards Programs
Refer to this section for specific information regarding BP Pump Rewards programs and processing guidelines.
14.0
Price Rollback Settlement
Refer to this section for information regarding settlement and reporting of Price Rollback Programs.
Appendix A
Frequently Asked Questions (FAQs)
Find answers to the most Frequently Asked Questions (FAQs) here.
Appendix B
Important Phone Numbers
Reference this section for credit card authorization and customer service numbers.
Appendix C
Glossary
Reference this section for definitions of the terms found in the Guide.
1
1.0 Securing Cardholder Information
As a BP Jobber, Commission Marketer, Retail Contract Operator or Dealer (“Marketer”), you are solely responsible
for complying with the most current version of the Payment Card Industry Data Security Standard (PCI DSS), all laws
and regulations (federal, state, and local) and industry regulations related to personal identification data security
(“Standards”). These Standards may affect your site systems and operations including POS software and hardware,
indoor pinpads, dispenser card readers, and other systems that may handle card data. Operational processes such as
handling of reports that contain sensitive data are also part of the Standards. For more information specifically about
PCI DSS please go to www.pcisecuritystandards.org.
BP RESERVES THE RIGHT TO DISABLE THE ABILITY TO PROCESS PAYMENTS ON THE EPS WITHOUT
PENALTY OR STOP RECEIVING AUTHORIZATIONS FROM A WAN-A IF BP REASONABLY BELIEVES A
SITE(S) OR WAN-A IS NOT IN COMPLIANCE WITH THE STANDARDS. IN ADDITION, THE MARKETER
WILL BE SOLELY RESPONSIBLE AND FULLY LIABLE FOR ANY AND ALL BREACHES OF OR NONCOMPLIANCE WITH THE STANDARDS AND WILL INDEMNIFY AND HOLD BP HARMLESS FROM ANY
AND ALL FINES, DAMAGES AND ACTIONS RELATED TO ALLEGATIONS, CLAIMS OR
INVESTIGATIONS REGARDING ANY ALLEGED BREACH OR NON-COMPLIANCE WITH THE
STANDARDS. PLEASE READ THE LEGAL NOTICE AT THE END OF THIS SECTION 1.0.
IMPORTANT: WHAT TO DO IF YOUR SITE EXPERIENCES A SECURITY BREACH
• A security breach or incident would include but is not limited to:
- Loss or theft of materials that contain cardholder information
- Loss or theft of Point of Sale devices or EPS devices
- Discovery of a “skimming” or “sniffing” device on indoor or outdoor payment terminals
- Multiple complaints from consumers of fraudulent transactions on their credit cards after use
at your location
• If you discover a security breach:
- Contact law enforcement immediately but no later than 24 hours after discovery
- If a “skimming” or “sniffing” device is found on an indoor or outdoor payment terminal,
immediately put the payment terminal with the “skimming” or “sniffing” device out of service
- Also contact the following BP personnel immediately but no later than 24 hours after discovery:
• BP Helpdesk at 1-888-BP-HELPU Option 5, 2
• Your BP Sales Manager
- If required by the card brands, work with BP to obtain a PCI forensic investigator and provide access to the
PCI forensic investigator
- If forensic report is required, provide a copy of all drafts of the forensic report to BP
2
1
Summary of PCI DSS Requirements Governing the Security of Cardholder
Information
• Do not allow site personnel to attempt to gain access to the BP supplied payment processing components
or otherwise bypass the security features of any components provided by BP.
Please be advised that the following is not intended to be an all-inclusive list of all requirements
relating to cardholder information and that such requirements will change from time to time.
• Do not disconnect or connect any equipment to the network switch, the V900 or V920 (EPS), the BP
provided telecommunications equipment (Hughes VSAT 7700 or Siemens DSL router) or the VLinx box
(Retalix ampm sites only) unless specifically instructed by an GBS-a Analyst or a BP network engineer.
Changes to the connection of card processing equipment or the card processing network are not permitted.
Storage of Cardholder Information (PAN, Cardholder Name, Service Code and Expiration Date)
• Store only that portion of the customer’s account information that is essential to your business, i.e. name,
account number or expiration date.
• Store all materials containing cardholder information in a locked and secure area with access limited
to authorized personnel only. Materials include, but are not limited to:
- Receipts
- Manual Tickets
- Journal Tapes
- Batch Reports (including EPS Terminal Detail and Acquirer Detail Reports)
- Back-up disks and/or electronic media
• Release cardholder data only to BP, their representative, merchant banks, card processors or as specifically
required by law. Never send cardholder data via end user messaging technologies such as e-mail, instant
messaging or chat, or provide a report containing sensitive data.
• The materials containing cardholder information described above should be retained for a minimum of
6 months and a maximum of 9 months or the length of time required for your business or legal purposes.
Appropriately destroy (i.e., cross-cut shred) these materials after the retention time has elapsed.
• Batch reports should still be printed and reconciled daily. This is the only means of ensuring that if something
happens to your settlement, the GBS-a credit card helpdesk is able to recreate any missing or lost
batches/transactions and is able to ensure your site is reimbursed. Batch Reports (including EPS Terminal
Detail and Acquirer Detail Reports) should only be retained until settlement funding is verified. After funding
is verified, appropriately destroy (i.e., cross-cut shred) these materials. You are not in violation of the
Standards if these reports are stored and disposed of properly.
Destruction of Cardholder Information
• Destroy (i.e. securely cross-cut shred) all materials that contain cardholder information after the retention
times described in the Guide. Never simply discard these materials in the garbage. Materials include,
but are not limited to:
- Receipts
- Manual Tickets
• Ensure that any third party POS applications at your site are Payment Application Data Security Standard
(PA DSS) certified. Also, ensure the hardware/applications are installed in a PCI compliant manner by a
certified technician.
• Ensure that your POS applications have all applicable security patches applied.
• Verify the identity of any service technicians that visit your site to work on any components of the payment
processing system, including the V900/V920, pinpads, POS, and network equipment. If you have any
doubt as to the validity of a technician’s credentials, contact the GBS-a helpdesk.
• Keep a log of technician visits, and have technicians sign in and out when they visit your site. Be sure to
include the technician's name, date and time (in and out) of visit.
• Inspect BP supplied payment processing components before and after a technician visits your site. If you
suspect tampering or you detect a “skimming” or “sniffing” device on an indoor or outdoor payment
terminal, do the following:
- If a “skimming” or “sniffing” device is found on an indoor or outdoor payment terminal, immediately put
the payment terminal with the “skimming” or “sniffing” device out of service
• Ensure that your indoor pinpads remain compliant with the new higher debit encryption standard, Triple
Data Encryption Standard or TDES. TDES is required for debit acceptance inside at the pinpads.
• Per Visa, to continue PIN debit acceptance at the dispenser, Marketers were required to have pinpads with
either DUKPT or TDES. Because Marketers accepting PIN debit at the dispenser currently use DUKPT
or TDES, no changes are required for your dispenser pinpads at this time.
• Comply with the Acceptable Internet Use policies of BP and its service providers. These are posted
on www.bpconnection.com.
- Journal Tapes
- Batch Reports (including EPS Terminal Detail and Acquirer Detail Reports)
- Back-up disks and/or electronic media
Restrict Physical Access to Cardholder Information
• Ensure that physical access to areas where the cardholder information is located is limited to authorized
personnel with a valid need for cardholder data access.
• Ensure that access to Point of Sale (POS) terminals is limited to authorized personnel.
• Restrict physical access to network equipment and network connections to authorized personnel only.
• Do not allow site personnel to bring laptop computers or other electronic equipment to your site. Laptops
and other electronic equipment can be used for “skimming” or “cloning” or “sniffing” cardholder account
information for fraudulent purposes.
2
Validating Compliance
• All Marketers are responsible for complying with the Standards, completing an annual audit, and providing
validation of their compliance annually.
- BP has made it easier for you to validate your PCI compliance with the BP PCI Program.
- The BP PCI Program features TrustKeeper PCI Wizard, a tool designed by Trustwave and customized
for Marketers, to help them more efficiently and smoothly navigate through the Self-Assessment
Questionnaire (SAQ). For more details on this program please refer to Attachment A.
• Once your annual assessment is complete, gaps in your security systems and processes may be identified.
You will need to perform corrective action and/or put in place compensating controls immediately to remedy
these gaps and confirm your compliance.
3
• You should expect the PCI Data Security Standards to be enhanced periodically to keep pace with evolving theft
and fraud practices. This will require ongoing diligence and remediation investment. Marketers must always
remain in compliance with the Standards.
• In addition to the annual assessment, Marketers who have WAN A networks will also need to:
- Have an Approved Scan Vendor (ASV) complete quarterly network scans and provide those results to BP.
- Use a Level 1 network service provider that is a PCI DSS compliant provider as listed on Visa's Global List of
PCI DSS Validated Service Providers (i.e., http://usa.visa.com/download/merchants/cisp-list-ofpcidsscompliant-service-providers.pdf ). The provider must be listed as compliance-validated within the past 12
months. If the Level 1 network service provider does not meet these PCI DSS validation listing requirements,
the Marketer must be able to provide BP with a Report on Compliance (“ROC”) for the Third Party WAN
showing compliance with the most recent version of the PCI DSS at the time of the ROC. They must have
also been validated by an approved QSA (Qualified Security Assessor) within the past 12 months.
Potential Consequences of Non-Compliance
• The longer you are non-compliant with the Standards, the greater the potential costs if there is a security breach
at your site.
• Today's forensics are able to pinpoint the origin of the breach down to the site level.
• According to the Ponemon Institute, the average cost of a data breach in 2011 was $5.5 million and cost
companies an average of $194 per compromised record1. When applied to a site that sells 1 million gallons of
fuel and generates an average of 8,000 transactions per month, the cost of a data breach could add up to more
than $1.5 million for a single month of transactions2.
1 - Ponemon Institute, 2011 Annual Study: U.S. Cost of a Data Breach.
2 - BP Marketing and cards estimate based on a site that sells one million gallon of fuels and experiences a data breach. The cost of one
month’s worth of stolen transactions could total more than $1.5 million dollars (8,000 x $194 = $1,552,000)..
• If your site has a breach, you are responsible for the entire cost of the breach. The costs include, but are not
limited to:
1. Fines and administrative costs from the card brands
2. Costs of issuing banks to reissue plastics
3. Chargebacks for fraudulent transactions including fraud at other merchants
4. BP reserves the right to pass through charges incurred from the card brands in relation to excessive
counterfeit chargeback fees
• If BP receives fines, administrative costs, or is assessed fees related to reissuance of plastic or fraudulent
transactions due to a breach at your site, you will be responsible for full payment of any such fine.
*** LEGAL NOTICE ***
Payment Methods including Credit Cards.
(a) BP’s Payment Methods Program. BP may from time to time endorse and sponsor specific proprietary and third
party payment methods including certain credit cards, charge cards, fleet cards, debit cards, pre-paid cards, cents-offper-gallon price rollback cards and codes or other rewards program, and the like (individually or collectively,
“Payment Methods”) for use at specified Approved Retail Sites selling BP’s Products. BP will not be obligated to
sponsor or participate in any specific Payment Methods program, or may withdraw its sponsorship of, or
participation in, any such program at any time, or may condition any sponsorship or participation upon payment of
service, equipment or other fees by Jobber, Commission Marketer, Retail Contract Operator, or Dealer
(“Marketer”). If BP does sponsor or participate in a Payment Methods program (“Payment Methods Program”),
Marketer agrees that BP’s proprietary Payment Methods and all third party Payment Methods specified by BP will
be accepted at each payment point (including card-readers-in-dispensers, if present) at each Approved Retail Site
including, but not limited to, BP’s proprietary and third party cents-off-per-gallon price rollback cards and code
(except where prohibited by law). Marketer will strictly comply with the operating rules, terms and conditions of
any Payment Methods Program that BP may sponsor, by and through any manuals, including, but not limited to
the BP Payment Guide (“Guide”), bulletins, or other forms of written or electronic communications, as issued and
as amended from time to time. In addition, Marketer must fully comply with the then current Visa International
Operating Regulations and MasterCard Operating Rules and Regulations at all times.
BP will have the right to charge back sales transaction amounts made by Marketer’s customers for a period of
six (6) months from the date of a transaction. Marketer must maintain, or cause to maintain a paper record of each
transaction (including the actual draft generated at the time of sale) for a period of thirteen (13) months. This
obligation to maintain a paper record of each transaction does not impose any obligation on Marketer to retain a
similar electronic record.
BP transfers Marketer’s payment card transactions to a third party processor(s) on behalf of Marketer for purposes
of processing settlement. Marketer acknowledges and agrees that BP is only liable to Marketer for any non-received
payment card transaction settlement funds to the extent that BP actually received such payment card transaction
settlement funds from the third party processor(s).
The “BP Network” means the equipment and software referred to as the Electronic Payment Server (“EPS”)
box required by BP and which is located at the Approved Retail Sites combined with the wide area network
infrastructure outsourced by BP (“BP WAN”). The EPS and BP WAN act as the interface between the Approved
Retail Site and the processor selected by BP, to ultimately transfer Cardholder Data (defined below) collected
by Approved Retail Sites for authorization and settlement. The BP Network specifically excludes any and all
equipment and software owned and/or used by Marketer to collect and gather Cardholder Data and transfer it
to the EPS box and any wide area network infrastructure constructed and/or purchased by Marketer and used
by the Marketer to gather and transfer Cardholder Data from the EPS located at each of Approved Retail Site(s)
to the BP WAN (“Marketer Payment System”).
• REMEMBER if you have a breach:
- You may have to pay high fines from the card brands and other breach costs,
AND
- You may also lose your ability to process payment cards
4
(b) Electronic point-of-sale equipment, software and firmware.
(i) Marketer will comply at all times with the Guide, BP’s point-of-sale policies and guidelines, as amended from
time to time. Prior to selling any Products at any Approved Retail Site(s) and connecting to the BP Network,
Marketer will purchase and install, or cause to be installed with a BP-approved provider, at each Approved Retail
Site electronic point-of-sale equipment approved by BP (“Approved POS”) for processing transactions on the BP
Network. The purchase and installation of the Approved POS will be at the sole cost and expense of Marketer.
If at any time there are new requirements for point-of-sale equipment, within six (6) months of BP’s request,
Marketer will upgrade, or cause to be upgraded such Approved POS equipment as specified by BP at Marketer’s
sole cost. Subject to this Section, all such Approved POS equipment will, at all times, be connected to the
BP Network and will be operated using BP’s required most current Payment Methods software and firmware.
Marketer will install BP’s required most current software and firmware within six (6) months of its release.
Marketer shall own and/or be fully liable for the Approved POS equipment that is installed at each Approved
Retail Site and the Marketer Payment System including all duties and responsibilities for maintenance and
5
security in full compliance with your BP Contract and this Guide. Marketer shall address any defects in the
Approved POS directly with its vendor. Notwithstanding the foregoing, Marketer acknowledges that the software
and firmware and the specifications are proprietary products of BP or its vendors. Unless otherwise specified, no
right, title or ownership interest in any software or firmware will be transferred to Marketer from BP. Under no
circumstances will Marketer reverse engineer, decompile, disassemble or otherwise attempt to derive the source code
for the software or firmware or alter its intended functionality. Within six (6) months of BP’s request, Marketer
will
pay any and all additional or new costs or fees that may be incurred by BP that are associated with the
operation of the BP Network, including, but not limited to, costs associated with satellite connections,
access and/or telecommunications.
(ii) Marketer shall pay BP within thirty (30) days of receiving an invoice for all fees and charges invoiced by a third
party in connection with Approved POS or any software or firmware, or any imprinter plate costs. Any third party
fees may be invoiced directly to Marketer, in which event Marketer may pay such third party directly; provided
Marketer simultaneously sends BP a copy of Marketer’s evidence of payment. In addition, Marketer shall pay BP
a monthly fee for use of the BP Network and any software or firmware used at an Approved Retail Site equal to
the then current charge assessed by BP, as notified in writing to Marketer. Such monthly fee is subject to increase
by BP at any time by giving ten (10) days advance notice.
(iii) With respect to the Marketer Payment System, Marketer shall be liable for any and all fees, fines and assessments
charged or imposed on BP by a third party in connection with or as a result of Marketer’s failure to comply with
the Guide, as amended from time to time and as posted on BP’s official website www.bpconnection.com and this
Legal Notice. Marketer shall pay BP within thirty (30) days of receiving an invoice from BP for such fees, fines
and/or assessments.
(iv) BP shall have no obligation or liability to Marketer with respect to the Marketer for the Approved POS
equipment, and Marketer shall be solely responsible for any failures of the Approved POS equipment, and shall
be responsible for enforcing any warranties by the third party vendor. BP will have no obligation or liability with
respect to expenses, changes or damages incurred by Marketer with respect to the Approved POS equipment on
the BP Network.
(v) FOR NETWORK SECURITY BREACH (INCLUDING SUSPECTED), NON-CERTIFIED USE
(INCLUDING WITHOUT LIMITATION THE USE OF APPROVED POS EQUIPMENT OR BP
NETWORK TO ACCESS PORNOGRAPHIC OR ITEMS OF A SEXUALLY EXPLICIT NATURE OR USE
OF APPROVED POS EQUIPMENT OR THE BP NETWORK FOR AUTHORIZATION OF UNLAWFUL
PRODUCTS OR SERVICES) AND SIMILAR ISSUES, BP RESERVES THE RIGHT TO SUSPEND
OR DISCONTINUE NETWORK CONNECTIVITY AND PAYMENT CARD PROCESSING AT ANY TIME,
FOR ANY REASON, WITH OR WITHOUT NOTICES TO ANY OR ALL APPROVED RETAIL SITES
UNTIL ANY SUCH ISSUE HAS BEEN CURED TO BP’S SOLE SATISFACTION.
(vi) To the maximum extent permitted by applicable law, BP, its affiliates, employees and agents shall not be liable
to Marketer or any other person for any direct, indirect, incidental, consequential, special, exemplary, or punitive
damages, any anticipated or lost business, revenues or profits, any loss of data, business interruption, or equipment
downtime, or any other loss, harm, casualty, injury or damage of any kind, arising from or related to the BP
Network, the Approved POS equipment, due to Marketer installation, possession, use, maintenance, or removal
thereof, for any acts or omissions of a third party, or for the performance or non-performance of any obligations
undertaken under your BP Contract, from all causes of action of any kind, whether in contract, tort or otherwise,
and even if advised of the possibility of such damages. To the maximum extent permitted by applicable law, in no
event shall BP’s total cumulative liability arising or related to Payment Methods and Data Security from all causes
of action of any kind, whether in contract, tort, or otherwise, exceed the recurring monthly fees and charges paid
by Marketer to BP in the three (3) months preceding the accrual of the first such claim.
(vii) Marketer accepts the BP Network “as is” without any representations or warranties of any kind, express or implied,
and all use of the same is at Marketer’s sole risk. BP SPECIFICALLY DISCLAIMS ANY IMPLIED OR
STATUTORY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
TITLE, AND NON-INFRINGEMENT OF THIRD PARTY RIGHTS, RESULTS, EFFORTS, AND
ACCURACY. BP shall not be liable for delays or any failure to provide or install or operate the BP Network due
6
to causes beyond its reasonable control, including without limitation fires, floods, earthquakes, hurricanes,
epidemics, and other natural disasters and acts of god; strikes, embargoes, war, or acts of terrorism; riots, civil
unrest, sabotage, or theft or other criminal acts of third parties; failure of electronic or mechanical equipment;
denial of services attacks or other third party interference with the availability of the BP Network; or
fluctuations in or failures of electronic power, telecommunications, or the internet.
(c) PCI Compliance. Marketer agrees that it and its Agents will at all times fully comply with and its
Marketer Payment System, if any, will be in full compliance with the most current version of the following: i)
the requirements of the Payment Card Industry Data Security Standard, as modified from time to time by the
PCI Security Standards Council (“PCI SSC”), or similar standards required by payment card associations or the
PCI SSC; ii) any payment application software not provided by BP, must be a payment application that is certified
as compliant with the Payment Application Data Security Standard, as modified from time to time by the PCI SSC;
iii) the requirements of the Visa Cardholder Information Security Program that are set forth in the Visa Operating
Regulations or that are otherwise issued by Visa U.S.A., Inc., or its successors; iv) the requirements of the
MasterCard Site Data Protection Program that are set forth in the MasterCard Security Rules and Procedures
or that are otherwise issued by MasterCard or its successors; and v) all other applicable payment card companies
and their standards having to do with the protection or security of Cardholder Data, as such standards may be
modified from time to time (requirements specified in (i) through (v) jointly referred to as “PCI Requirements”)
and with all applicable laws and regulations having to do with the protection or security of Cardholder Data or any
parts of Cardholder Data (“Cardholder Applicable Law”). For purposes of this Section, “Cardholder Data” means
the numbers and other data assigned by card issuers to identify cardholders’ accounts (including all data within the
magnetic stripe), data about card transactions and other personal information of cardholders.
Marketer agrees that it and its agents will use the Cardholder Data that they store, process, handle, or transmit
under this Contract only as necessary to process card transactions, provide fraud-control services, perform their
obligations under this Contract, and comply with PCI Requirements and Cardholder Applicable Law. Marketer
agrees that it will only store electronically that portion of the Cardholder Data that is essential to its business,
but in no event anything more than the name, account number (which must be encrypted pursuant to PCI
Requirements), and expiration date. Further, Marketer agrees that paper copies of reports that contain Cardholder
Data shall be retained for the time specified in the Guide and then such paper copies will be destroyed in a manner
to make the document unreadable (i.e. cross-cut shred). Other than for the creation of secure and encrypted system
back-ups, Cardholder Data will not be copied, stored or transmitted to portable storage devices, including without
limitation, laptops, floppy disks, CD-ROMs, PDAs, digital images and flash drives. In the event Marketer provides
Cardholder Data to third parties (including, without limitation, third parties providing all or any portion of the
Marketer Payment System), other than those specified by BP, where the Cardholder Data will be retained by the
third party or transmitted through such third party’s systems/networks (“Third Parties” or “Third Party”),
Marketer will insure that such Third Party is certified as compliant with the most recent version of the PCI
Requirements. Marketer further agrees that it, its agents, and its Third Parties, through their acts or omissions,
will not cause BP, or BP’s affiliates to be in violation of the PCI Requirements and will be liable for all costs
(including without limitation all fees, fines and assessments) incurred by BP resulting from violations caused
by these acts or omissions.
With respect to all agents or employees of Marketer or Third Parties used by Marketer who at any time have access
rights to any parts of the BP Network (including, without limitation, the EPS box system), Marketer agrees to limit
such access to only those employees, agents or third parties with a need for such access to perform the authorizations
of credit and debit card transactions at Approved Retail Sites and in compliance with this Guide.
If Marketer discovers that unauthorized access has been, or may have been, gained to Cardholder Data stored,
processed, handled, or transmitted by Marketer or its agents or Third Parties, Marketer will immediately notify
BP and provide the applicable card company, the acquiring financial institution, and their respective designees access
to Marketer’s and its agents’ or Third Parties’ facilities and all pertinent records to conduct a forensic review and
a review of the compliance by Marketer and its agents or Third Parties with the PCI Requirements. Marketer shall:
i) keep BP regularly advised of the progress of the forensic and compliance review and ii) upon the request of BP,
provide BP with a copy of all drafts of the forensic/compliance report and the final version of the
forensic/compliance report resulting from such review. Marketer agrees that it and its agents will fully cooperate
7
and it will require its Third Parties to cooperate with any reviews of their facilities and records provided for in this
subsection. Marketer agrees that it and its agents will maintain and it will require its Third Parties to maintain
appropriate business continuity procedures and systems to ensure security of Cardholder Data in the event of a
disruption, disaster, or failure of BP’s or Marketer's primary data systems.
Attachment A
Marketer will provide BP and BP’s Affiliates with all certifications and other information reasonably requested by BP
or BP’s Affiliates to enable BP and BP’s Affiliates to show to card companies that Marketer and, if applicable, any Third
Party is complying with the PCI Requirements. BP and BP’s Affiliates will not be responsible for any expense Marketer
(or, if applicable, any Third Party) incurs in obtaining and maintaining required certificates or required information for
which Marketer does not already possess. If in the process of obtaining certification or validating compliance with the
PCI Requirements Marketer determines there are areas of non-compliance, Marketer will take appropriate action,
prompt under the circumstances, to remedy such non-compliance, including non-compliance of any Third Party.
All merchants that accept credit cards, regardless of size, must validate their Payment Card Industry (PCI) compliance.
To make validating your PCI easier than ever, BP updated the BP PCI Program. BP recommends you validate your
compliance each year by December 31.
Marketer's obligations under this Section will continue in effect after the termination of its BP Contract for so long
as it has access to Cardholder Data. In addition, Marketer will remain in full compliance with the then current Guide
and as amended from time to time and as posted on BP’s official website www.bpconnection.com.
BP RESERVES THE RIGHT TO TERMINATE AND/OR TEMPORARILY DISABLE MARKETER’S
ABILITY TO PROCESS PAYMENTS ON THE EPS (ELECTRONIC PAYMENT SERVER) AND/OR THE
BP NETWORK WITHOUT PENALTY IF BP REASONABLY BELIEVES AN APPROVED RETAIL SITE(S)
IS NOT IN COMPLIANCE WITH THIS SECTION. IN ADDITION, MARKETER WILL BE SOLELY
RESPONSIBLE AND FULLY LIABLE FOR ANY NON-COMPLIANCE WITH THIS SECTION. MARKETER
WILL INDEMNIFY AND HOLD BP HARMLESS FROM ANY AND ALL FINES, DAMAGES, PENALTIES,
FEES, ASSESSMENTS AND ACTIONS, INCLUDING ATTORNEY FEES AND COSTS, RELATED TO
ALLEGATIONS, CLAIMS OR INVESTIGATIONS IN ANY WAY RELATED TO MARKETER’S NONCOMPLIANCE WITH THIS SECTION INCLUDING, BUT NOT LIMITED, TO THOSE RELATED
TO ALLEGATIONS OF BREACH AND/OR COMPROMISE.
In the event the Marketer Payment System is provided in whole or in part through a Third Party (“Third Party WAN”),
then Marketer using a Third Party WAN must use a Level 1 network service provider listed on Visa's Global List of
PCI DSS Validated Service Providers (http://usa.visa.com/download/merchants/cisp-list-of-pcidss-compliantservice-providers.pdf) as PCI DSS compliant with the most recent version of the PCI DSS at the time of the
validation and that is listed as validated within the past 12 months. In the event the Level 1 network service provider
does not meet these PCI DSS validation listing requirements, Marketer must be able to provide BP with a Report on
Compliance (“ROC”) for the Third Party WAN showing compliance with the most recent version of the PCI DSS
at the time of the ROC and that has been validated by an approved Qualified Security Assessor (as defined by the PCI
SSC, “QSA”) within the past 12 months. Any Marketer whose Marketer Payment System is built by Marketer must
provide proof of its PCI compliance with either (i) a ROC showing compliance with the most recent version of the
PCI DSS and that has been validated by an approved QSA within the past 12 months, or (ii) a Self Assessment
Questionnaire (“SAQ”) validation type designated by BP, or if not designated by BP, then the SAQ validation type
for which Marketer qualifies pursuant to PCI SSC standards demonstrating compliance with every requirement. The
Marketer Payment System, even if a Third Party WAN, must also have an Approved Scan Vendor (ASV) (as approved
by the PCI SSC) complete quarterly network scans and provide those results to BP.
BP PCI Program
Program Overview
Features
Our BP PCI Program features TrustKeeper PCI Wizard, a tool designed by Trustwave and customized for BP Branded
Marketers to help you more efficiently and smoothly navigate through the Self-Assessment Questionnaire (SAQ). The
TrustKeeper PCI Wizard can assist you by:
• Helping you determine your requirements for Payment Card Industry Data Security
Standards (PCI DSS).
• Pre-populating answers to SAQ questions that focus on BP’s payment card network
to save you time.
• Moving you through the process quickly.
• Presenting the SAQ in an easy-to-understand format and language.
• Uncovering remediation needs and offering resolution tips.
Data Branch Risks
According to the Ponemon Institute, the average cost of a data breach in 2011 was $5.5 million and cost companies an
average of $194 per compromised record1. When applied to a site that sells 1 million gallons of fuel and generates an
average of 8,000 transactions per month, the cost of a data breach could add up to more than $1.5 million for a single
month of transactions2.
1 - Ponemon Institute, 2011 Annual Study: U.S. Cost of a Data Breach.
2 - BP Marketing and cards estimate based on a site that sells one million gallon of fuels and experiences a data breach. The cost of one month’s
worth of stolen transactions could total more than $1.5 million dollars (8,000 x $194 = $1,552,000).
Annual Cost
The annual cost of the BP PCI Program is only $60 per merchant*.
*According to PCI, a “merchant” consists of all locations owned or operated under the same tax ID with similar CommLinx set up.
(d) BP reserves the right to use any information obtained by BP through the Approved POS equipment, EPS, BP Network,
and/or any other equipment, software or firmware performing a similar or related service for product integrity, tracking
performance of offers and promotions, understanding premium ratios, calculating average throughputs per site,
validating customer volume submissions, summarizing information for marketing purposes, and similar uses.
8
9
Attachment A continued
How to find your merchant level and validate your PCI compliance
1. Find your merchant level using our tool at
www.bpconnection.com > Programs > PCI Compliance > BP PCI Program > Merchant Level Tool
2. Take action!
Follow the instructions below that apply to your merchant level:
For Level 1 Merchants
You can validate your PCI compliance by completing an audit.
To start, visit https://www.pcisecuritystandards.org/approved_companies_providers/qsa_companies.php
to find a Qualified Security Assessor (QSA) to perform your audit.
Need help preparing for your audit? Consider taking the SAQ with our customized TrustKeeper PCI Wizard at
https://pci.trustwave.com/bp.
You or your staff can validate your PCI compliance by becoming an Internal Security Assessor (ISA) and completing the
SAQ with our customized TrustKeeper PCI Wizard. Find out more about ISA training at
https://www.pcisecuritystandards.org/training/isa_training.php.
• Complete the registration form:
- Company Name – use the name of one of the sites you are validating (the site must sell fuel).
- Merchant ID – SVB of the above site you chose.
- Country, State, Zip code of the above site you chose.
• Pick one of the four CommLinx setups that applies to the site you chose.
• You can only register one BP site at registration.
• If you have more than one site with the same CommLinx setup, you can validate compliance for all sites
with one SAQ. To do so, call Trustwave Support (800-363-1621) or send an email ([email protected])
and provide them a list of all BP branded sites.
For more information
If you have questions about the process, please call Lee Grabnic at 312-594-7411 or send an email to
[email protected]. For questions about TrustKeeper, please call Trustwave support at (800) 363-1621,
or send an email at [email protected].
Alternatively, Level 2 merchants may validate PCI compliance by completing an audit. To start, visit
https://www.pcisecuritystandards.org/approved_companies_providers/qsa_companies.php to find a Qualified Security
Assessor (QSA) to perform your audit.
You can validate your PCI compliance by taking the SAQ with our customized TrustKeeper PCI Wizard at
https://pci.trustwave.com/bp.
SAQ Registration Tips
To start the SAQ, visit https://pci.trustwave.com/bp and click “Get Started”.
10
11
2.0 Fraud
Attachment B
Data and Fuel Theft Prevention
Recommended Monthly CommLinx Equipment Visual Inspection
If you discover a security breach:
In order to comply with the Payment Card Industry Data Security Standard (PCI DSS), you must inspect your payment
card processing equipment, including the network switch, the V900 or V920 (EPS), BP provided telecommunications
equipment (Hughes VSAT 7700 or Siemens DSL router), the VLinx box (Retalix ampm sites only) and POS System at least
monthly to ensure that no unauthorized equipment has been connected to it. This inspection must be documented in an
inspection log.
Below is a sample inspection log.
If you find any unauthorized equipment, take the following actions:
- If a “skimming” or “sniffing” device is found on an indoor or outdoor payment terminal,
immediately put the payment terminal with the “skimming” or “sniffing” device out of service
- Immediately contact your local police
- Immediately contact the ABSC helpdesk
- Immediately notify your JSM or RAE
- Do not touch or unplug the unauthorized equipment until told to do so by the ABSC helpdesk, a BP employee,
or law enforcement.
Skimming at dispensers and fuel thefts
According to recent news stories millions of dollars have been stolen from consumers as a result of skimming at gasoline
dispensers or pinpads.
Given the fact that skimming incidents appear to be on the rise and hitting all parts of the country, Marketers should be
vigilant of the potential for thieves installing skimmers in gasoline pumps have not hit your area yet, it’s only a matter
of time. Most gasoline is paid for with credit or debit cards, and even at a single dispenser, a criminal can capture a lot
of card data in a short amount of time.
Below, you will find some tips that can help reduce the risk of sites being hit by thieves attempting to skim payment
card information from a dispenser or pinpad, use that stolen card information to commit fraud, or use other means to
steal fuel.
Additional information about fraud protection is available from the PCATS Data Security Committee and NACS.
Two documents that may be of particular interest to you are the ‘PCI Convenience Store Employee Data Security Training
Manual’ and a Data Security Briefing entitled ‘Protecting Payment Card Data at Your Dispensers,’ developed by the
PCATS Data Security Committee (contact them at www.pcats.org).
How Skimming Thieves May Work at the Dispenser
The first thing a criminal requires is the privacy to gain access to the dispenser’s internal electronics. In general they
carefully select a dispenser on an outside island, away from the main building that is difficult for the cashier to see from
behind the counter. They may then park a vehicle in position to block the view from the rest of the forecourt. These are
generally large vehicles that resemble work trucks, used so they will not arouse suspicion from consumers making their
fuel purchases at other dispensers.
Many times thieves will work with two vehicles, one to block the view and another on the opposite side of the island
to block view of the other fueling position providing even more privacy. Once the vehicle or vehicles are blocking the
view of the dispenser and providing some measure of privacy, the criminal may be able to gain access to the dispenser
using a standard dispenser panel key. These dispenser keys are, unfortunately, widely available.
Skimming Devices
Once the panel on the dispenser is opened, the thieves may install a skimming device. Some of these devices are very
small and hard to see by the untrained eye. A skimmer can be installed in a matter of minutes, and these devices may
be difficult to identify, so it is a good practice to get familiar with the normal appearance of your dispensers.
Note that a camera can also be placed above the card reader and keypad, often used to capture account number and
PIN numbers as they are entered.
12
1
2.0 Fraud
Skimming Prevention
So what can you as a Marketer do to reduce the risk of thieves from stealing credit card information or fuel from your sites?
There are several steps recommended by the PCATS Data Security Committee that can be implemented that are relatively
low cost. According to PCATS, Site operational procedures are the single most important weapon that a petroleum
convenience store operation has to combat skimming and fuel theft. Some suggestions are:
• Identify the dispensers at your site that are ‘high risk,’ (i.e., those on the far outside island that are the hardest to
monitor from inside the store). Instruct site personnel to be extra vigilant in noting any unusual activity at these
fuel islands.
• Consider purchasing an alarm system such as those sold by FlintLoc to alert on site or off site personnel of
threats to dispenser or site security.
• Consider purchasing dispenser door locks from a third party company such as CompX. Unlike the standard
dispenser locks which are virtually universal, you can get custom locks that are unique for every site. Access to
your unique dispenser keys would be restricted to only approved personnel, and even replacement keys must be
approved by authorized site or jobber personnel.
2.0 Fraud
These labels are also available from BP Parts!
To best utilize these stickers:
• Place the tamper-evident stickers on the access panel of the dispenser and record the serial number of the
sticker, noting the fueling position at which it is installed. Also note any scratches or dents on the dispenser
access panel and record it so site personnel can subsequently note any new damage or evidence of tampering.
This record should be used for daily inspections.
• Create a daily inspection checklist and train site personnel on how to use them to perform daily dispenser
security checks.
• Consider taking photographs of the inside and outside of the dispensers for reference. This provides an
accurate view of the ‘as-is’ condition of each dispenser panel and the inside electronics.
• Visually inspect every dispenser for tampering at least once per day, and have the cashier perform a checklist
of activities. This can be accomplished as part of the shift change procedures. See Sample at end of section.
– Examine each entire tamper-evident sticker on dispenser panels to sure that they are intact. (The word
‘VOID’ will appear on a sticker in the area that has been tampered with). Verify the unique serial numbers
on the stickers against those recorded in the checklist to determine that the stickers have not been removed
and replaced.
• Have site personnel monitor issues with dispensers. A high incidence of bad card reads or problems accepting
cards at one fueling position or one dispenser may indicate that the dispenser has been compromised. (See the
example of an inspection log)
– Examine locks and panels on dispensers for tampering (e.g., scratches, dents, or cuts that were not there
during the initial inspection).
• Create a reference sheet for store personnel that can be posted near the POS, advising cashiers of what they
should be on the lookout for, including the following:
– If you suspect fraud at the dispenser, bag the dispenser immediately and take it offline, then contact
a qualified service provider to check the interior of the dispenser for evidence of a skimming device.
If found, contact law enforcement but do not remove the skimmer.
– Be suspicious of vehicles (especially those that block the view of the dispensers) parked on the forecourt
for extended periods of time – especially at the outer islands.
– Be alert for anyone appearing to be a technician performing unauthorized work on dispensers.
– Be alert for any ‘dispenser offline’ messages displayed on the POS. This may indicate that a dispenser may
be put in ‘Maintenance Mode’ to facilitate fuel theft, or that circuit boards have been pulled out to install
skimming equipment.
• Consider using security labels. NACS members can now purchase
these tamper-evident security labels The labels, developed by
TydenBrooks, can help retailers identify potential security breaches
if skimming devices are inserted at fuel dispensers or other
unattended PIN-entry devices (PEDs). These security labels should
be used on fuel dispensers near the credit/debit card transaction
area. If a label is lifted to insert a skimming device, a ‘VOID’ message appears on the label, providing a visual
alert to store employees. Because the labels clearly indicate that they are to prevent tampering, the labels help
discourage criminals from targeting the dispenser. These labels can be used at fuel dispensers and any other
transition areas such as ATMs and vending machines, or to protect overnight storage of transaction materials, i.e.
batch reports.
Ordering information for these labels is below. A link to the TydenBrooks website is also at
http://www.nacsonline.com/NACS/Pages/default.aspx.
Website: http://WECARE.tydenbrooks.com
Username: NACS
Password: WECARE
• Stay current on security standards and fraud and theft vulnerabilities in the convenience and petroleum
retailing industry, particularly in your local area or state.
• Work with your equipment service providers to create mutually acceptable standards for technician visits and
technical identification. Train site personnel to ask for proper identification from technicians before any work
is done on your POS or dispensers, and what to do if they discover unauthorized activity. Also, be suspicious
of any unplanned visits from individuals claiming to be pump inspectors or technicians (especially off hours).
• Take steps to remove any obstructions that prevent cashiers or other site personnel from a line of sight
to all dispensers, to aid in observing any suspicious activity on the forecourt.
• Document all preventative steps, and use this documentation to adequately train all site personnel on their
role in preventing skimming and theft.
Preventing Skimming Inside the Store
Visa strongly recommends that merchants be vigilant and maintain a secure store environment at all times, especially
around cash registers and indoor Pinpads. To encourage such vigilance, the PCI Security Standards Council has
published skimming prevention best practices that include:
• Visually inspecting terminals on a regular basis to identify anything abnormal, such as missing or altered seals
or screws, extraneous wiring, holes in the device, or the addition of labels or other materials that could be
used to mask damage from device tampering.
• Physically securing terminals and Pinpads to counters to prevent removal; physically securing all cable
connections.
• Validating the identity of repair technicians. Unauthorized or unexpected service personnel should be denied
access; authorized and validated repair technicians should be escorted and monitored.
• Periodically weighing the equipment and comparing it with vendors’ specification weights to identify the
possible insertion of bugging device.
2
3
2.0 Fraud
2.0 Fraud
In order to comply with the Payment Card Industry Data Security Standard (PCI DSS), you must also inspect your
payment card processing equipment, including the Netgear switch, the V900 or V920 (EPS), BP provided
telecommunications equipment (Hughes VSAT 7700 or Siemens DSL router), and for Retalix sites that have them, the
VLinx box. You must also inspect the POS System at least monthly to ensure that no unauthorized equipment has been
connected to it. This inspection must be documented in an inspection log.
Other Steps to Improve Pump Security
• Replace the common dispenser door locks with universal keys with locks that are unique to your location.
Note that the security of this key and access to it by authorized personnel is an important part of site
operational procedures.
• Consider upgrading any flat membrane keypads with encrypting key pads that have full travel, or raised
numeric keys that make it difficult to add a fake keypad overlay (used to capture debit PIN numbers).
Below are images of the equipment, and a sample inspection log.
DW7700
DSL
V900 (EPS)
• Investigate the cost/benefit of adding secure card readers that limit physical access to credit card data.
NetGear
VLinx
• Use video surveillance equipment to discourage unauthorized access to dispensers. Make equipment
monitoring obvious, and post signs stating that the forecourt is being monitored.
• Properly illuminate the forecourt.
• Perform a review of the dispensers with your equipment provider to create a baseline for each location,
and determine an upgrade strategy that considers the risk for the site, business needs, and upcoming
upgrades.
Monthly CommLinx Equipment Visual Inspection Log
Date
Employee Name
Any unauthorized
equipment found?
If yes, please explain.
What actions were taken?
Employee Signature
Remember – site security depends on replicable processes and activities by site personnel that can be executed.
These may help reduce the risk of losing credit card data or fuel to thieves.
It is important not to implement any procedures that put site personnel at risk. Under no circumstances should site
personnel confront anyone on the forecourt, even when suspicious activity is taking place. Have site personnel contact
the emergency number for local law enforcement if such activity is observed.
If there are questions about the content of this section – contact Jim Williams of the Payment Systems Team
at [email protected].
Daily Site Checklist
Preventing Skimming Inside the Store (Continued)
If you find any unauthorized equipment, take the following actions:
Immediately contact law enforcement
Date
Location
(Fueling
Position)
Sticker Numbers
FP1
000010
FP3
000011
FP3
000012
FP4
000013
FP5
000014
FP6
000015
FP7
000016
FP8
000017
Note sticker numbers
verified and intact, or
other damage present
Inspector Initials
Immediately contact the BP helpdesk who will notify the Payment Systems Team
Immediately notify your BDM or RAE, if known, or contact your jobber
Do not touch or unplug the unauthorized equipment until told to do so by the police, the Secret Service, or the
BP helpdesk
Preventing Gasoline Theft
Another problem is gasoline theft. There are a variety of ways that thieves can steal fuel from a retail site which include:
• Use stolen or counterfeit payment cards
• Open the dispenser panel and place dispenser in ‘Manual’ mode
• Take fuel right out of the in ground tanks
Tactics used for stealing fuel are similar to those used to install skimming devices, but with the additional twist that
the vehicles used to block the view of the dispenser, also contain large fuel tanks used to transport and sometimes store the
stolen fuel.
Steps to prevent fuel theft are similar to those used to prevent skimming.
• Be suspicious of vehicles (especially those that block the view of the dispensers) parked on the forecourt
for extended periods of time especially at the outer islands.
• Be alert for anyone appearing to be a technician performing unauthorized work on dispensers.
• Be aware of any complaints from consumers about a strong smell of gasoline on the forecourt.
Vehicles used to transport stolen fuel are usually vented, allowing the smell of the fuel to escape.
4
5
3.0 Acceptable Payment Methods
All Payment Methods (as defined in Section 1.0(a)) excluding PIN-debit must be accepted at each payment point
at each Site. All transactions must be processed through electronic point-of-sale equipment approved by BP for
processing transactions and all transactions must be processed on BP’s then current payment and reward network.
BP Proprietary Consumer Cards
Third Party Commercial Cards
BP Card - Private Label
BP Gift Card - Prepay
BP FuelCircle
BP MultiCard - Private Label
BP Visa® - Cobrand
ARCO PumpPASS - Prepay
Visa Fleet Card
MasterCard Fleet Card
PHH/WEX Cobrand Card
Voyager Card
Wright Express Card
Fleet One Local
Fuelman
BP Proprietary Commercial Cards
Debit Cards
BP Business Card - Private Label
BP BusinessPlus Card - Private Label
BP Business Solutions Fuel Card - Private Label
BP Business Solutions Fuel Card Plus - Private Label
BP Business Solutions MasterCard® - Cobrand
BP In-Station Card - Private Label
Accel
AFFN
Credit Union 24
InterLink
Jeanie
Maestro
NYCE
PULSE
Shazam
Star
Third Party Consumer Cards
American Express Card
Discover Card
MasterCard (Credit, Signature, Debit)
Visa (Credit, Signature, Debit)
BP Pump Rewards
Cents-off-per-gallon Cards and Codes
BP Driver Rewards
BP Proprietary Cards
Card Type
BP Card
BP MultiCard
Authorization
Requirements:
Electronic Sales
Merchant No.
Other Info
BP Business Card
BP BusinessPlus Card
BP Business Solutions
Fuel Card
Fuel Card Plus
BP In-Station Card
BP Business
Solutions
MasterCard
Swipe Card
Manual Paper
Ticket Sales*
For Authorization
Call
BP Visa®
Must call on
ALL manual sales
1-888-541-3801
When prompted for
transaction code,
enter 1 for
“authorization only.”
1-888-541-3801
When prompted for
transaction code,
enter 1 for
“authorization only.”
Merchant No.
045675
Merchant No.
045675
1-800-414-6977
1-800-760-8870
Your 7 digit SVB #
Sales of non-fuel products over $50.00 require verification of positive identification. Check
ID and mark "VPI" on sales receipt.
* Refer to Section 8.0 of the Guide for instructions on how to process a manual paper ticket sale.
6
1
BP Pre-Paid Proprietary Cards
Third Party Consumer Cards
Card Type
Card Type
Visa
Prepaid In-site
(BP and ARCO)
Prepaid B2B
Prepaid Third Party
Authorization
Requirements:
Electronic Sales
Manual Paper
Ticket Sales*
Authorization
Requirements:
Electronic Sales
MasterCard
Swipe Card
Must call on ALL manual sales
Swipe Card
For Authorization Call
1-800-447-1196
Manual Paper
Ticket Sales
Manual sales are NOT ALLOWED
Merchant No.
7 digit SVB #
Merchant No.
7 digit SVB #
Balance Inquiries
Call 1-800-519-3560; you will need the 19 digit account number.
Processing A Sale
Refer to Section 10.0 of the Guide for instructions on how to process a sale.
Card Type
Discover Network
Authorization
Requirements:
Electronic Sales
Manual Paper
Ticket Sales*
For Authorization Call
American Express
Swipe Card
1-800-347-1111
1-800-528-2121
6011 0135 4418 285
312 528 4984
Merchant No.
2
3
Card Type
Card Type
PHH Service-Blue
PHH Service-Red
Authorization
Requirements:
Electronic Sales
Wright Express
Voyager
Authorization
Requirements:
Electronic Sales
Visa Fleet
Manual Paper
Ticket Sales*
Swipe Card
1-800-842-0071
1-800-987-6589
1-800-447-1196
1-800-447-1196
Follow EPS prompts
for Driver ID,
odometer
information, Vehicle
#, License, Job User,
Customer Data, and
Dept. No.
Fuel grade MUST be
indicated on manual
sales tickets.
• Obtain Fleet Manager
authorization for all repairs above
card limit or over $150.00.
• The Wright Express (WEX)
account number for fuel is located
in the gray portion of the card and
should always be used to process
fuel purchases.
• Manually entered WEX cards are
restricted to fuel or non-fuel
based on the fuel only prompt
that appears if non-fuel is
purchased (cashier must enter
based on the card face).
Other Instructions
Send repair invoices to:
PHH, Mail Code BX
PO Box 13023
Baltimore, MD 21203-3023
PHH will not pay for invoices over the card limit that were not authorized.
Contact the Fleet Manager for authorization.
Additional card limit detail and billing instructions can be obtained by
calling 1-800-638-7900.
Follow EPS prompts for Driver ID and odometer information.
Card Type
Fleet One Local
Authorization
Requirements:
Electronic Sales
• The Wright Express (WEX) account
number for fuel is located in the gray
portion of the card and should always be
used to process fuel purchases.
• Manually entered WEX cards are
restricted to fuel or non-fuel based on the
fuel only prompt that appears if non-fuel
is purchased (cashier must enter based
on the card face).
Swipe Card
BP Pump Rewards
For questions specifically related to Price Rollback Cards and Codes, call the number physically located on the single use
card or code. For additional information, please refer to section 13 of this Guide.
Manual Paper
Ticket Sales*
Manual sales are NOT ALLOWED
For Authorization
Call
1-800-359-5787
Merchant No.
Other Data Required
Fuelman
Driver ID and odometer information
Purchase
Restrictions
7 digit SVB #
4
1-800-842-0071 - Fuel
1-800-638-7900 - Service
Other Data
Required
Merchant No.
Other Data Required
For Authorization
Call
Manual Paper
Ticket Sales*
For Authorization
Call
MasterCard Fleet
Swipe Card
1-800-877-9013
7 digit SVB #
Follow EPS prompts for Odometer
and Vehicle #
Follow EPS prompts for Driver ID and
Odometer.
5
4.0 Card Processing
There are two solutions for card processing on the BP Network. The first and most prevalent option uses an approved multifunction Point of Sale (POS) along with the Electronic Payment Server (EPS). The second is the LinxSimple solution, a dial
device whose only function is to process payments. Both solutions accept the same cards.
Electronic Payment Server (EPS)
This device is an open-standards piece of computing hardware that does all of the communication between the Point of Sale
(POS) and the BP network. This system enables implementation of card processing changes independent of the POS
system. This solution requires a 7 digit SVB number. It is strongly recommended that the V900 series EPS device be
plugged into an approved power conditioner, such as the PowerVar ABC065-11, to provide filtering and protection from
power events, or an advanced uninterruptable power supply to protect it from power outages, and other events.
EPS Hardware/Software Information
BP uses the V-900 and the V-920 EPS solutions, but future options may include the V-910, which is integrated into the
VeriFone Sapphire hardware, or the VeriFone “Commander” POS solution which also has an integrated EPS. BP also uses
the Mx850 pinpad, where customers swipe their payment or rewards card when purchasing fuel or merchandise.
LinxSimple
This solution is a stand alone device that uses a direct dial telephone line to connect to the BP Retail Network for card
processing. This solution also requires a 7 digit SVB number.
Point of Sale (POS) Devices
Approved POS Systems
In order to process payments via EPS at your site, you must have a CommLinx approved Point of Sale and it must be
running PA DSS approved software. The sites must also have the Mx850 pinpad with Triple DES (TDES) debit encryption
in order to accept debit transactions indoors. There are several POS systems available that are integrated with the EPS.
The approved POS systems are:
VeriFone
Ruby, Ruby/Sapphire, Topaz
Web Site: www.petro-c.verifone.com/
The Pinnacle Corporation
Palm
Web Site: www.pinncorp.com
Gilbarco
Passport
Web Site: www.gilbarco.com
Retalix
StorePoint
Web Site: www.retalix.com
Dresser Wayne
Wayne Nucleus
Web Site: www.dresserwayne.com/nucleus/2
NCR/Radiant
Under development
Web Site: www.ncr.com
Fiscal Systems
Trav-Star 1
Web Site: www.fis-cal.com
LinxSimple
Omni 3750, Vx570
All of the above POS systems, except for LinxSimple must have Mx850 installed with TDES encryption to accept debit
inside the store. It is the responsibility of each site to make sure that all Point of Sale devices are configured properly.
Fuel Product Codes: Fuel product codes must be input correctly, using the NACS approved product codes. For information
on how to check the configuration of product codes, please call your servicer or POS support group. Detailed instructions
for certified technicians are also available on www.bpconnection.com (Cards > Operational Information).
6
1
4.0 Card Processing
4.0 Card Processing
Cards Processing Specifics
Prepay Procedure (EPS only)
Card Swipes
The customer will swipe their own card through the Mx850 Pinpad. The customer will enter their debit PIN or commercial
card information for all inside transactions at this pinpad.
Credit/Debit Prompt
There is no need for the cashier to ask the customer if the payment is credit or debit, as the customer will make that selection
at the pinpad. For certain bank cards, the customer may see an option to select credit or debit at the pinpad.
The prepay fuel procedure will allow customers to purchase fuel and non-fuel items at the time of prepay and sign a prepay
receipt. This will eliminate the need for the customer to return inside the store after dispensing their fuel. Please note that for
some POS systems, the fuel purchase must be added to the sale after the merchandise. Once fuel is added, no merchandise is
allowed in the sale. NOTE: The receipt printed at the time of prepay will indicate, “PREPAY Receipt” above the card type and
the customer will need to sign this receipt and then fuel. If the customer wants a copy of the final receipt, they can return inside
to obtain a copy of the FINAL SALE receipt which will show the dispensed amount, gallons and product type. The
final/completed receipt will indicate, “FINAL SALE Receipt” above the card type.
Credit Card Minimums
Merchant Copy: Please staple the PREPAY receipt with the Customer Signature to the FINAL SALE receipt. Both will need
to be submitted when responding to RFCO and chargeback requests.
Sites may only set minimum credit amounts on credit transactions $10.00 or less. If sites decide to set a minimum, they are
required to post signage letting their customers know. Minimums may not be set for Debit transactions. Failure to comply
may result in violations passed down by credit or debit card issuers.
Refunds
Signature Requirements
• Refunds will only be allowed for transactions in the current or previous batch (Refunds from older batches must
be called into the GBS-americas help desk as Sales Cancellations).
Signatures are required on all credit card payments, except as noted below:
• Refunds must be less than or equal to the amount of the original transaction.
• No signature is required for American Express, Discover, or MasterCard if purchase is less than $50.00. No signature
required for Visa sales less than $25.00 (excluding BP Visa).
• Contactless transactions (see Contactless Payment section)
• Refunds are not allowed on Debit Cards or BP Gift Cards.
• Refunds are not allowed when the network is offline (If the network is offline, the site must call the GBS-a help
desk to process the Sales Cancellation).
• Prepay transactions (see Prepay Procedure section)
Contactless Payment
Contactless payment is a payment method for collecting cardholder information from the credit card. American Express,
Discover, MasterCard and Visa have all created contactless cards based on the ISO 14443 standard. These cards use Radio
Frequency (RF) to pass the cardholder information from the card to the specially designed card-reading device.
These devices are additional hardware modules that are installed on the pinpad or on the dispensers. The cardholder will
wave or tap the card over these RF readers instead of swiping the card. The credit card companies that offer contactless card
products are:
• Refunds are not allowed for the purchase of BP Gift Cards. Any transactions that include the purchase of a Gift
Card may only be refunded by calling the GBS-a help desk.
• The cashier will be prompted for the STAN from the original receipt (EPS only). This will validate the original
sales transaction and ensure the refund can be performed.
• Refunds should not be issued if there is a chargeback for the transaction.
Receipt Information
The EPS is responsible for the network portion of the receipts and includes:
• American Express – ExpressPay
CARD NAME $xxx.xx
Acct/Card xxxxxxxxxxxxx#### (only the last 4 digits will be displayed)
Auth # XXXXAA (See below)
Ref AAEBBSSS (See below)
Resp Code XXX
Stan TTTTNNNNNNNNNN (See below)
• Discover - Zip
• MasterCard - PayPass
• Visa - payWave
Signature requirements for contactless cards are the same as swiped cards, as listed above.
Card Type Codes
AC – ABC (BP Business –
formerly Amoco Business Card)
AX – American Express
BB – BP Brand Marketer
BC – BP Consumer Card
BF – BP Fleet (BP Business Plus – formerly
BP Fleet Manager II)
BP – BP Business (formerly BP Fleet Manager I)
• Refunds must be refunded to the same credit card as the original transaction.
BU – BP Universal
BV – BP Visa
DB – Debit
DC – Discover
FM – Fuelman
FO – Fleet One Local
MC – MasterCard
MF – MasterCard Fleet
SV – SVS (BP Gift Card)
TC – Transicard (BP Business Plus –
formerly Transicard)
VI – Visa
VF – Visa Fleet
VY – Voyager
WX – WEX
Auth #
Ref
XXXXAA
AA = approval code
AAEBBSSS
AA = approval code
E = entry method
0 = Inside Contactless (RFID)
1 = Manual Entry
3, 5 or 7 = Inside (Card Swiped)
4, 6 or 8 = Outside (CRIND)
9 = Outside Contactless (RFID)
Debit
Indoor debit is automatically enabled. Cash back with debit is enabled by default. If a site does not want to offer cash back, they
can contact the BP Help Desk (Global Business Services - Americas). Outside debit can be enabled once the site has installed
the necessary equipment. A call to the GBS-a will be required to enable outside debit.
BB = acquirer batch
SSS = sequence number
Resp Code
BP Gift Card Activations
The customer will swipe their BP Gift Card at the pinpad for activation. More detailed information concerning activation
can be found in Section 10.0.
2
STAN
XXX
Value of 000-049 or F00
TTTTNNNN
TTTT = terminal batch (not applicable for LinxSimple)
NNNN (variable length)
3
4.0 Card Processing
Batches
There are two types of Batches:
1. Acquirer Batch: This is the Batch that should be used to reconcile payment with settlement. There will most likely be
multiple Acquirer Batches to a single Terminal Batch. Acquirer Batches can be found in the EPS Terminal Batch Detail
Report or in the EPS Acquirer Batch Detail Report. Acquirer Batches are closed at Shift Close, Day Close (based on site
configuration) and after every 50 transactions.
2. Terminal Batch: A Terminal Batch is controlled by the POS Day Close. Depending on how the POS closes the day, there
could be multiple Terminal Batches in a business day or a Terminal Batch could span multiple business days. It is highly
recommended that you perform a POS End of Day close each day. Failure to do so will complicate the settlement process.
Terminal Batch is not applicable for LinxSimple (EPS only).
There are three Close Batch options:
1. Close Shift
2. Close Daily
3. Send Offline Transactions – This function is initiated on the POS system and is used to send pending credit card
transactions from the EPS to PayPoint for processing. This function is typically used for troubleshooting POS to EPS
connectivity and during the POS system change out or SVB number change out processes.
EPS Reports
Network Reports are dynamic with the EPS and no longer stored on the POS. Each POS will display a set of menu options
(typically located under Network Reports) that will provide access to the printing of these reports. When the site navigates
through the Network Report options, the EPS will provide a list of available reports. Currently the EPS stores approximately
5 days of Network Reports. Below is a current list of available Network Reports on the EPS.
EPS/Network Specific Reports
1. Terminal Batch Summary Report
The Terminal Batch Summary Report provides a grand total for all card sales in the specified Terminal Batch
and is broken down by Site (each POS and Pump has a unique Workstation Number), along with Number of
Transactions and the Site Total. The time the Terminal Batch opened and closed is on each report, including the date
and time the report was printed. There is a summary by Acquirer Batch section at the bottom of the report where each
Acquirer Batch is listed with the Batch total amount and an indication of whether the Batch is in balance or not. If the
Batch is not in balance, the amount and the difference will be noted. The Terminal Batch Summary Report needs
to be printed EVERY DAY to reconcile with settlement.
4.0 Card Processing
2. Terminal Batch Detail Report (POS Batch/Day)
The Terminal Batch Detail Report provides details of each transaction listed by Acquirer Batch in the specified
Terminal Batch (account number, card type, reference number and sales total are included). Additionally, sales totals,
adjustments and the Batch totals are summarized at the end of the report. This report prints all of the Acquirer Batches
within that Terminal Batch. This report should be kept in a secure site for 13 months and then destroyed by cross-cut
shredding. For more information, refer to Section 1.0. Refer to item #3 below for more details on the Acquirer Batch
Report. The Terminal Batch Detail Report must be printed EVERY DAY to reconcile with settlement. Missing
sales and/or batches WILL NOT be recreated if the Terminal Batch Report is not provided.
3. Acquirer Batch Detail Report (BP Settlement Batches)
The Acquirer Batch Detail Report provides details of each transaction in a specified Acquirer Batch and includes
account number, card type, reference number and the total of the transaction. Additionally, sales totals, adjustment
and Batch totals will be shown at the end of the report. The Acquirer Batch is used to reconcile with payment. Terminal
Batches are closed at Shift or Day Close (depending on POS/site configuration). Acquirer Batches will be closed after
every 50 transactions or on a Terminal Batch close. This information will be required for the GBS-a to recreate any lost
Batches or lost credit card sales. Some sites may prefer to print Acquirer Batches daily versus the Terminal Batch Detail
Report. This option should be used if the Terminal Batch Report ever fails to print all of the Acquirer Batch details.
The Acquirer Batch Report must be printed EVERY DAY to reconcile with Settlement.
4. Reconciliation Request Receipt
The Reconciliation Request Receipt acknowledges your last request for a Terminal Batch close and will provide the
current Terminal Batch number.
5. Manual Transaction Report
The Manual Transaction Report lists the transactions that have been manually key entered at the POS. The report
is printed by Terminal Batch.
6. Repeat Usage Report
The Repeat Usage Report will print a row for any card that is used multiple times at a site, within a Terminal Batch.
This report is designed to assist in researching fraudulent activities.
Card Table Report
Card Type Report
This report contains a list of the card types accepted on the BP Retail Network and is primarily used by support personnel,
and/or when configuring discount by card types in the POS.
4
5
4.0 Card Processing
4.0 Card Processing
System Reports
Download Notice
Configuration Report
The Download Notice will be available on the POS to indicate when a new software release will be downloaded and applied.
The Configuration Report contains the EPS software version and configuration information (such as IP address, baud rate,
etc.) and is primarily used by support personnel.
Fuel Price Notification
The most current price notification that has been sent to the POS will be found in this menu option.
Price Notification changes with the EPS Network.
• For Dealers, go to www.bpconnection.com to obtain the Dealer tank/wagon prices.
• For CMs, the Price Notification Report will be available via the EPS reports.
RFCO (Request For Copy)
Info Message
This is to provide updates to the site. It is currently not used.
Reward Settlement
The Reward Settlement Report is for BP Price Rollback/Reward transactions and will be available on both the POS
and www.bpconnection.com.
The 6 most current Reward Settlement Reports are available for printing or reprinting on the POS. The word,
“New” will appear next to each Settlement Report that has not been printed. The Reward Settlement Reports should
be printed EVERY DAY.
The RFCO Report is available on both the POS and on ClientLine via www.bpconnection.com.
The 7 most current RFCO Reports are available for printing or reprinting on the POS. The word “New” will appear next
to each RFCO that has not been printed. Be sure to review the RFCO Report option daily to see if there are new
reports that need to be printed.
Loyalty Reports
From www.bpconnection.com, click the ClientLine link. RFCO notifications can be viewed on the bottom of the Daily
Settlement Report (HL0412) in ClientLine. For detailed information and response requirement log in to the Dispute
Manager system from the ClientLine login. IMPORTANT: You must respond to RFCOs within 14 days or it will turn into
a chargeback. For more information, see Section 11.
2. Loyalty PPU Transaction Detail Report
The Loyalty PPU Transaction Detail Report will show every Price Rollback transaction.
Settlement
The Settlement Report will be available on both the POS and on ClientLine via www.bpconnection.com.
The 7 most current Settlement Reports are available for printing or reprinting on the POS. The word, “New” will appear
next to each Settlement Report that has not been printed. The Settlement Report should be printed EVERY DAY.
This information is also available on ClientLine via www.bpconnection.com. Log in to bpconnection.com > Links >
ClientLine. After logging in to ClientLine, choose ClientLine Reporting to view settlement information. To view the
Daily Settlement Report, please select the HL0412 report. The settlement information is maintained for 6 months and can
be downloaded into a .csv format. This HL0412 report can also be set to run daily and to be sent via email to the email
address provided.
Chargeback
The Chargeback Report will be available on both the POS and on ClientLine/Dispute Manager via
www.bpconnection.com.
The 7 most current Chargeback Reports are available for printing or reprinting on the POS. The word, “New” will appear
next to each Chargeback Report that has not been printed. Be sure to review the Chargeback Report option daily to see
if there are any new reports that need to be printed.
Log in to bpconnection.com > Links > ClientLine. After logging in to ClientLine, choose Dispute Manager System to view
Chargebacks. IMPORTANT: You must respond to all chargebacks within 14 days. If you do not respond, the site
will be financially impacted within 20 days of the original notification date. For more information, see Section 11.
1. Loyalty Discount by Type Report
The Loyalty Discount by Type Report will show both PPU (price per unit) discounts and ticket level discounts.
3. Loyalty PPU Totals by Grade Report
The Loyalty PPU Totals by Grade Report shows the PPU discounts by grade.
4. Terminal Batch Loyalty Detail Report
The Terminal Batch Loyalty Report shows every PPU and Transactional discount.
5. Loyalty Earn Report by Grade
The Loyalty Earn Report by Grade shows the transaction count, volume and amount by grade of loyalty earn
transactions.
5. Reward Settlement Report
The Reward Settlement Report will show the total net amount by terminal batch that will be paid.
LinxSimple Reports
1. Acquirer Batch Detail Report (BP Settlement Batches)
The Acquirer Batch Detail Report provides details of each transaction in a specified Acquirer Batch and includes
account number, card type, reference number and the total of the transaction. Additionally, sales totals, adjustment
and Batch totals will be shown at the end of the report. The Acquirer Batch is used to reconcile with payment.
Acquirer Batches will be closed after every 50 transactions. The report needs to be printed daily.
2. Summary of Acquirer Batches by Batch
The Summary of Acquirer Batches by Batch will list all Acquirer Batches from the previous end of day to the current
end of day with the status on the balancing with the host.
3. Summary of Acquirer Batches by Card Type, Fuel vs Non-Fuel
This report will summarize the transactions in the Acquirer Batches by card type and by fuel vs non-fuel totals
(non-fuel totals include taxes).
4. Totals by Department
This report will summarize the transactions in the Acquirer Batches by department.
5. Loyalty Earn Report by Grade
The Loyalty Earn Report by Grade shows the count, volume and amount by grade of loyalty earn transactions.
6
7
5.0 Settlement
Settlement Reports
The Settlement Report is available on the POS and on ClientLine via www.bpconnection.com. Jobbers and Dealers
will need to log in to ClientLine via www.bpconnection.com in order to obtain this information. Jobber-Dealers can
be granted access to their site specific data by the Jobber via www.bpconnection.com. A Login ID request form
must be filled out by the Jobber. A separate request for ClientLine access must also be completed. Please contact the
GBS-a to obtain access to ClientLine. See the tables below for www.bpconnection.com and ClientLine feature access
by Channel of Trade.
www.bpconnection.com Feature Access by COT
Feature
Dealer
(CODO/DODO)
Jobber
Jobber-Dealer
(site level access)
Messaging
(replaces POS e-mail)
Allowed
Allowed
Allowed –
data at site level
Helios 2013 Audit Scores
Allowed
Allowed
Allowed –
only applicable to
assigned sites
Credit Card - Settlement,
Summary
Allowed
Allowed
NO
Products Menu (pricing, BOL)
Allowed
Allowed
Allowed but limited
marketing content
Financials (Account
Summary/EFT/Invoice Data)
Allowed
Allowed
Price Rollback allowed,
only applicable to
assigned sites
Programs and Links
Allowed
Allowed
Allowed but
limited
ClientLine/Dispute Manager Feature Access by COT
Feature
Dealer
Jobber
Jobber-Dealer
Credit Card Settlement
Summary, Batch Detail,
Transaction Detail
Allowed
Allowed
Allowed –
data at site level
Chargebacks
Allowed
Allowed
Allowed –
data at site level
RFCOs
Allowed
Allowed
Allowed –
data at site level
Data Retention on www.bpconnection.com
Parameter
8
Days Retained
EFT
90
Invoice
90
Pricing
60
Settlement (EFP)
60
BOL
90
1
5.0 Settlement
5.0 Settlement
Data Retention on ClientLine/Dispute Manager
Deferred Option Example: POS EOD at 6:00 am
Months Retained
Acquirer
Batch Number
Batch Close Date
Batch Close Time
Settled at 2:00am
on 10/16
Settled at 2:00am
on 10/17
Credit Card HL0412 Report
6
54
10/14
08:10 pm
Y
N
Chargebacks
14
55
10/14
10:00 pm
Y
N
14
56
10/14
11:45 pm
Y
N
57 (POS EOD)
10/15
06:00 am
Y
N
58
10/15
11:00 am
N
Y
59
10/15
02:00 pm
N
Y
60
10/15
06:00 pm
N
Y
61
10/15
10:00 pm
N
Y
62
10/15
11:45 pm
N
Y
63
10/16
01:33 am
N
Y
64 (POS EOD)
10/16
06:00 am
N
Y
65
10/16
01:30 pm
N
N
66
10/16
10:00 pm
N
N
Parameter
RFCOs
Batch Terminology
Acquirer Batches are closed at Shift Close, Day Close (based on site configuration) and after every 50 transactions. The
Acquirer Batches can be found in the EPS Terminal Batch Detail Report or in the EPS Acquirer Batch Detail Report. A
Terminal Batch is a collection of Acquirer Batches for the Terminal Batch period. Terminal Batch closes are controlled
by the POS End of Day close, so in most cases there will be 1 Terminal Batch per day. It is highly recommended that
you perform a POS End of Day close each day. Failure to do so will complicate the settlement process.
Types of Settlement
There are 2 settlement options: no-deferred and deferred. These options determine when the Batches will be processed
by settlement.
No-Deferred Batch Settlement
All Batches closed (and in balance) at 2:00am CST will be settled and the EFT generated. There is no linkage to the
POS End of Day close and settlement. This is the default settlement option.
To request Deferred Batch Settlement, please contact the GBS-a. Refer to Appendix B for contact information.
Deferred Batch Settlement
All Batches closed (and in balance) prior to and up to the POS End of Day close will be settled and the EFT generated.
See the deferred examples below.
Deferred Option Example: POS EOD at 10:00pm
Acquirer
Batch Number
Batch Close Date
Batch Close Time
Settled at 2:00am
on 10/16
Settled at 2:00am
on 10/17
54
10/14
08:10 pm
N
N
55 (POS EOD)
10/14
10:00 pm
N
N
56
10/14
11:45 pm
Y
N
57
10/15
06:00 am
Y
N
58
10/15
11:00 am
Y
N
59
10/15
02:00 pm
Y
N
60
10/15
06:00 pm
Y
N
61 (POS EOD)
10/15
10:00 pm
Y
N
62
10/15
11:45 pm
N
Y
63
10/16
01:33 am
N
Y
64
10/16
06:00 am
N
Y
65
10/16
01:30 pm
N
Y
66 (POS EOD)
10/16
10:00 pm
N
Y
Settlement Process
*** Terminal Batch Summary ***
The Terminal Batch Summary and Terminal Batch Detail Reports should
be printed each day. These 2 reports are used in the settlement process.
The POS End of Day Report is not used in settlement. Since the POS
does not control card payment activity, it does not have the Batch or card
level detail necessary for settlement reconciliation. The POS Day Card
totals may or may not match the Terminal Batch Summary total. This is
dependent on the POS type and when the Day Close is done.
The first step in settlement should be to compare the Terminal Batch
Summary total against the settlement total for that day. Settlement will be
sent to the POS, but the site still has the option of obtaining settlement
on ClientLine via www.bpconnection.com. Note that the site number
must be 8 digits, so a leading 0 is required if the SVB number is being
used. If these 2 totals are the same, the site is settled.
The Summary by Acquirer Batch section at the bottom of the Terminal
Batch Summary will indicate the Batch balance status in the column
labeled “BAL”. The notations are: In Balance = “Y”, Open = “O”,
Pending = “P”, or Out of Balance = “N”. A pending Batch means that
the EPS has not yet sent the Batch to FirstData for settlement (this only
occurs when the EPS is offline). If the Batch is out of balance, the
number of transactions and dollar amount difference is noted for all
Batches that are out of balance between EPS and FirstData. The
Difference Number (number of transactions that are different) and
the Difference Dollars (total dollars in the Batch that are different) are
calculated based on the information that EPS reported for the Batch
versus what FirstData reported when the Batch was closed.
DLR#: 9999999
Printed: 10/03/06
14:46:37
WORKSTATION ID POS001
Terminal Batch 999
Terminal Batch Open: 10/03/06 13:05:58
Terminal Batch Clse: OPEN
LOCATION#TRNS
TOTAL $
Workstation 001
24
172.29
Workstation 002
22
157.87
Workstation 101
6
62.17
Workstation 104
11
82.12
Site Total
63
474.45
** Summary by Acquirer Batch **
ACQ
#
TOTAL
BAT
TRN
DOLLARS
BAL
89
44
377.54
Y
90
19
96.91
O
DIFFERENCE
#
DOLLARS
Pending
Terminal Batch Summary/Acquirer Batch Sample
For each Batch found out of balance, the Acquirer Batch total (ACQ BAT on report) should be compared to the Acquirer Batch total
on the Batch Recap and the difference noted.
For each Acquirer Batch out of balance, the list of transactions should be examined for the out of balance amount. The Terminal Batch
Detail Report or the Acquirer Batch Report can be used for this process.
2
3
6.0 Contracts
5.0 Settlement
In the Terminal Batch Summary Report sample shown on the previous page, please note that the “workstation” location
indicates both the POS terminal and the dispensers. The POS terminals are listed first. In this example, there are 2 POS
terminals (workstations 1 and 2) and 4 dispensers with pay at the pump (workstations 101, 102, 103 and 104, only 101
and 104 are shown).
Supply Contract Required to Process on BP Network
In order to process payment cards on the BP Network the Marketers must have a signed supply contract (“Contract” or
“BP Contract”) with BP.
Training Required on Proper Handling of Sensitive Data
The Acquirer Batch Report sample below is shown for reference only. Please note that typically there are 50 transactions
per Acquirer Batch. The negative amount represents a BP Gift Card activation or credit refund.
Each Marketer must take commercially reasonable steps to ensure the trustworthiness and reliability of each of its
employees, agents, representatives, subcontractors and their respective employees. Specifically, Marketers must require
that all persons involved in processing payments on a Site POS and/or BP’s payment network system have training in
the care and handling of personal identification data in compliance with industry rules, regulations and laws, including,
but not limited to, the most current Payment Card Industry Data Security Standards as outlined in Section 1.0.
Acquirer Batch # 92
Marketer/Sites Required to Comply within this Guide and Liability for Any Failure
Account No.
Type
Ref #
690012345678901
WX
00392001
42.05
540112345678902
DI
00592002
34.12
710412345678903
VI
00092003
18.85
372412345678904
AX
00992004
22.20
600612345678905
SV
00192005
10.00-
370812345678906
AX
00192006
28.55
710412345678907
BP
00292007
33.33
Sales Total
179.10
Sales Adjust
Batch Total
4
Total
10.00-
• Each Marketer is responsible for the acts and omissions of his or her employees’, agents, representatives,
sub-contractors and their respective employees’ compliance with all regulations and instructions in the Guide
and any and all future updates to the Guide.
• Marketer is also responsible for each of its Approved Retail Sites under its Branded Jobber Contract and each
Approved Retail Site’s employees, agents, representatives, sub-contractors and their respective employees’ full
compliance with all laws, regulations, the Guide and any and all future updates to the Guide.
• Any credit card sales ticket or draft that does not comply with the Guide (including any update to the
Guide) may be charged back to the Marketer at the sole option of BP.
• BP may discontinue its processing of payment cards of any or all of a Marketer’s sites should BP reasonably
believe such processing is not in compliance with the Guide.
• Each Marketer is fully liable for any and all fines, claims, damages, actions, liabilities resulting from any
failure to comply with the Guide, laws or regulations.
• Marketer hereby agrees to defend and hold BP harmless from and against any claims allegations, damages
and costs including attorney fees related to or arising from a Marketers failure or alleged failure to comply
with the Guide, laws or regulations.
169.10
1
7.0 Sales Authorization
Procedures for Accepting All Credit Cards
Accept only those cards indicated as acceptable in the Guide, on the Wall Chart or as advised by BP. Failure to adhere to these
procedures may result in suspension of your site’s merchant privileges. Failure to adhere to these procedures may also be a
violation of Visa and/or MasterCard Operating Regulations, which could result in a fine being passed to your site as you are
ultimately responsible for each of your Site’s compliance with the Guide.
• DO be sure the credit card has not expired or been altered.
• DO swipe the card to obtain an authorization.
• DO verify that the signature on the back of the card matches the signature on the receipt (if applicable).
• DO – For sites using a stand alone POS terminal, the POS will prompt for the total fuel and non-fuel amounts.
The cashier must key in the actual sale amount for each. Breaking a large sale into smaller chunks and processing
them individually on the POS terminal is not allowed and will result in chargebacks to
your site.
• DO verify that all tickets have a sale amount, date, merchant name and location, and authorization code.
Commercial card sales must have required information.
• DO keep ALL copies of ALL tickets, Batch Detail Reports, Batch Control Reports, Journal, etc., for a minimum
of 13 months or the length required for your business or legal purposes. Appropriately destroy
(i.e., cross-cut shred) these materials after the retention time has elapsed. (For more information,
see Section 1.0.)
• DO NOT require the customer to supply any personal information (e.g., home or business phone number, home
or business address, or driver’s license number) unless instructed by the authorization center or the procedures in
the Guide.
• DO NOT impose a surcharge or fee for accepting a card.
• DO NOT sell cash advances, lottery tickets and money orders on credit cards or signature debit cards.
• DO NOT sell cash advances, lottery tickets and money orders on BP Gift Cards.
• DO NOT accept a BP Gift Card as payment for a BP Gift Card.
• DO NOT mail in imprinted copy for payment.
• DO NOT accept the card as payment if the card has expired or is not yet valid.
• DO NOT manually key enter a card number if the card is not present, i.e. over the phone, etc.
If the card cannot be read by the terminal:
• DO key-enter the transaction.
• DO key-enter ALL digits of the account number and check expiration and valid dates on all manually entered
transactions.
• DO imprint card on Form NC-H-3001 (necessary to avoid chargeback).
• DO have customer sign the imprinted ticket and validate the signature. Card MUST be imprinted on the ticket
or the sale is subject to chargeback. (Please keep a copy for your records in case further investigation
is warranted.)
• DO write “VPI” (Verified Positive Identification) NEXT to the CSR initials after validating ID. The preferred ID
is a driver’s license or identity card with both a photo and a name that match the name imprinted on the card.
BP Proprietary Consumer Cards: The card is not valid if it is not signed. If the cardholder has 2 pieces of picture
identification that match the name on the card, have the customer sign the card and then accept it as payment. Any
questions, call BP Credit Card Authorization. See Section 3.0 for contact information.
MasterCard: The card is not valid if it is not signed. If the cardholder is willing to sign the card in your presence, request
2 pieces of valid identification such as driver’s license, another bank card, etc. Match the name on the card,
have the customer sign the card and accept it as payment. For access to MasterCard Operating Regulations, visit
www.mastercard.com/us/merchant/how_works/merchant_rules.html.
Visa: The card is not valid if it is not signed. If the card is not signed, do not accept it as payment. Refer the cardholder to
his or her issuing bank. For access to Visa Operating Regulations, visit www.visa.com/merchant.
No signature is required for purchases under $25.00 made with a Visa. No signature is required for purchases under $50.00
made with a MasterCard, American Express, or Discover card.
2
1
Security ID (CVV2/CVC2/CID)
If the cashier is prompted to ENTER SECURITY CODE or ENTER SECURITY ID, MasterCard, Visa and Discover
have 3 digits on the back of the credit card that will need to be entered. American Express has 4 digits on the front of
the credit card that will need to be entered. Any of these cards may prompt for CVV2/CVC2/CID on manually entered
transactions. The implementation of the CVV2/CVC2/CID prompting will be site dependent (at BP’s discretion).
Refer to Section 3.0 for more information.
MasterCard: The last 3 digits on the back of the card on the signature line is the CVC2 number.
On the example below, it is 123.
Discover Network: The last 3 digits after the account number on the back of the card on the signature
line is the CID number. On the example below, it is 888.
CVC2 number
American Express: The 4 digit number on the front of the card above the account number is the CID number.
On the example below, it is 1234.
CID number
Visa: The last 3 digits after the account number on the back of the card on the signature line is the
CVV2 number. On the example below, it is 123.
CID number
CVV2 number
2
3
If the transaction receives a “Call for Authorization” or “Referral” response, or if your terminal
is down:
• DO call the authorization number as instructed.
• DO record the authorization code on the sales slip.
• Failure to record a valid authorization number or entering a false authorization number into your
terminal will result in a chargeback to your site.
If the transaction receives a “Decline” response:
• DO ask for another method of payment.
• DO NOT attempt to call the authorization center.
Automotive Service Work Authorization
• Before beginning service work, ALL work estimates and tire purchase orders exceeding $250.00 must
be called into BP Credit Card Authorization for verbal approval. See Appendix B for contact information.
• Upon completion of service work, process sales tickets through the normal channel. Positive identification
in the form of a valid driver’s license is required and license plate number must be noted on work orders.
• All automotive maintenance products and parts purchased with a BP Private Label Card must be installed
in the vehicle for which they are purchased, except at sites where installation is not offered.
• Credit card sales drafts for repair and service work, which includes the itemized service work order,
must be retained for 13 months from the date of the sale. All card sales drafts covering repairs and/or service
work are purchased free of dispute.
If you receive a “Pick Up” or “Hold” response:
• NEVER risk your own safety or the safety of your customers or employees.
Check Acceptance
• DO advise the cardholder you have been instructed to retain his/her card and that he or she should
call the issuing bank with any questions.
The acceptance of personal checks is at the discretion of the Marketer. Convenience checks are periodically sent to BP
Proprietary Card customers. These checks are not identified as BP, but feature the Chase name and logo. These checks
are pre-printed for various amounts of $20.00-$300.00 and should be processed as regular personal checks. Marketers
are not obligated to accept these checks unless the site has a personal check acceptance policy.
Sales Administration
• All electronic or NC-H-3001 manual sales tickets require the cashier’s initials.
• Manually imprinted sales tickets (NC-H-3001) should be properly completed and received for processing not
more than 21 days from date of sale. This will allow time for processing before the 30 day time limit expires.
• Copies of NC-H-3001 and EPS sales tickets must be retained for a minimum of 13 months so that sales
information can be documented in the event of loss in the mail, etc.
• To reduce fraud and chargebacks, review Batch Reports and NC-H-3001 manual sales tickets for a series
of purchases made on the same card for a possible unauthorized or fraudulent use.
BEST PRACTICE: CLEAN CARD READERS EVERY WEEK TO REDUCE REFERRALS TO MANUAL
SALES TICKETS.
Additional Rules for Authorization of BP Proprietary Credit Cards Only:
All Sales
• All BP Proprietary Credit Cards must be valid, signed and presented at the time of purchase.
• Manually keyed transactions require an imprint of the customer’s credit card on an NC-H-3001
manual sales ticket. Please retain the imprinted ticket for 13 months.
• The cardholder must sign the sales receipt.
• A BP MultiCard can only be used by the named cardholder.
- BP Cards may be transferable which means that the name embossed on the front of the card may be
different from the signature on the back of the card. This means the cardholder is an authorized user
of the card. In these cases, the signature on the back of the card must match the signature signed on the
sales receipt. If the signature does not match, you may request additional forms of identification in order
to process these sales.
• All manual sales must be authorized. See Section 3.0 for authorization contact information.
• Purchases of $50.00 or more in non-fuel products require positive identification. Check cardholder’s
ID and write “VPI” (Verified Positive Identification) and initials on the sales ticket.
• Cash advances and money orders cannot be purchased on a BP Private Label Card.
• For phone authorizations, select option 1 for transaction code.
• BP Consumer Cards should be used for consumer purchases only.
4
5
8.0 Paper Ticket Processing
Manual Ticket Processing
Sites/Jobbers submitting manual tickets must have a BP approved CommLinx system installed at their location.
Please contact your BP representative to order a CommLinx device for your location.
Manual Sales Ticket Imprinters
Approved Devices
BP imprinter approved for the processing of paper sales tickets is Model 4875.
Replacement Imprinters
For replacement of broken or malfunctioning Model 4875 manual imprinters, contact Addressograph Bartizan
by phone at 1-800-633-9143. Please have the imprinter serial number ready when you call or include it in your fax.
The serial number is located on the back of the imprinter. BP reserves the right to charge for additional imprinters.
Your replacement imprinter should be delivered by UPS within a few days and will include a label and instructions
for returning the defective unit to Addressograph Bartizan.
Before returning your defective unit to Addressograph Bartizan, be sure to remove and retain your imprinter
identification plate. You will need to install the plate over the brass plate located on the replacement unit.
Place the defective imprinter in the box that the new one arrived in. Please use the shipping label provided and give
the box to your UPS driver the same day or take it to a UPS mailing center (i.e., Mail Boxes Etc.).
Should you have any questions or concerns, please call Addressograph Bartizan at 1-800-633-9143.
Imprinter Plates
Site-numbered metal imprinter identification plates are issued to every site. An imprint on the assignment transmittal
is needed to ensure correct reimbursement. To replace lost or worn imprinter plates, please contact the GBS-a.
Ordering instructions for paper ticket supplies
• Call Standard Register (see Appendix B)
• Have SVB # ready
Form numbers below
Manual Ticket Envelopes
6
NC-10-090D/J
Manual Tickets
NC-H-3001
Summary Form 36-285
NC-155261
1
Processing a Paper Ticket: All Credit Cards
BEST PRACTICE: SUBMIT ALL PAPER TICKETS ON A WEEKLY BASIS TO ENSURE PROMPT
PROCESSING.
• CHECK expiration date on card. If expired, ask for another form of payment.
• CALL for authorization for all sales on BP Proprietary Cards and Third Party Cards. See Section 3.0
for contact information.
• SET the sale date and sale amount on the imprinter.
• COMPLETE a paper ticket Form NC-H-3001 (see example in this section) and fill out all required
handwritten areas using BLACK ballpoint pen. Press firmly.
• IMPRINT the ticket by placing the credit card and manual sales ticket within the proper guides on
the imprinter and moving the operating handle from the left completely to right and then back to the
far left position.
• VERIFY that all information has been imprinted clearly on ALL copies:
- Customer credit card number
- Expiration date
- Total dollar amount
- Site identification number (7 digit SVB number)
- Sale date
• RECORD total sale amount and authorization number on the ticket.
• OBTAIN customer signature. Verify that it matches signature on the back of the card.
Return card to customer.
• PROVIDE top copy of ticket to customer. Place attached STATION and PROCESSING CENTER
copies in a secure place. (See instructions later in this section.)
If processing a commercial card sale, also:
• Imprint all information embossed on the card.
Processing a Paper Ticket: Wright Express Third Party Commercial Card
• VERIFY expiration date. Cards are valid through the last day of the month and year indicated. Any sale made
after this date is subject to chargeback.
• VERIFY whether or not the card is restricted. Some cards are limited to “Fuel & Oil Only” purchases. Any other
purchases made on a “Fuel & Oil Only” card could be subject to chargeback. The “Fuel & Oil Only” Restriction
Codes are: 01, 11, 21 and 31. The Restriction Code is the 2 digit code that precedes the expiration date and is
located in the lower right hand corner of the card.
• AUTHORIZE every purchase by calling 1-800-842-0071. Provide the authorization operator with
the following information to obtain an authorization code:
- Product purchased
- Authorization amount
- Cardholder identification number
• IMPRINT the card using Form NC-H-3001. Set the levers for the correct date, product code and amount of
sale, and move the operating handle from the left completely to the right and then back to the far left position.
• RECORD the following information on all tickets to prevent chargebacks:
- Driver identification number
- Vehicle number
- Authorization number
- Odometer reading
- Check correct box for Regular, Mid Grade, Premium, Diesel
- Service code (S=Self, F=Full)
- Quantity purchased
- Price per gallon
- Sales tax
- Total amount of sale
• Check fuel product box.
• OBTAIN customer signature. Verify that it matches signature on the back of the card. Return card to customer.
• Enter quantity purchased.
• PROVIDE top copy of ticket to customer. Place attached STATION and PROCESSING CENTER copies
in a secure place. (See instructions later in this section.)
• Enter price per gallon.
Note:
• You cannot impose a surcharge or fee for accepting a credit card.
BEST PRACTICE: PREVENT CHARGEBACKS BY CHECKING THE CORRECT BOX FOR FUEL
GRADE CODE AND ACCURATE GALLON DETAIL ON ALL PAPER TICKETS.
• You cannot require the cardholder to supply any personal information (e.g., home or business phone
number, home or business address, or driver’s license number) unless instructed by the authorization center.
Failure to complete the paper ticket as instructed above will likely result in a chargeback.
All paper tickets should be submitted for processing on a weekly basis.
2
3
Processing a Paper Ticket: Voyager Third Party Commercial Card
Properly Completing a BP Paper Ticket (BP Form NC-H-3001)
• VERIFY expiration date. Cards are valid through the last day of the month and year indicated.
Any sale made after this date is subject to chargeback.
• VERIFY whether or not the card is restricted. Some cards are limited to “Fuel & Oil Only” purchases.
Any other purchases made on a “Fuel & Oil Only” card could be subject to chargeback. The “Fuel & Oil Only”
Restriction Codes are: 01, 11, 21 and 31. The Restriction Code is the 2 digit code that precedes the expiration
date and is located in the lower right hand corner of the card.
Total Dollar Amount
(up to $999.99)
Customer Credit Card Number
555 555 555 5 1001
• AUTHORIZE every purchase by calling 1-800-987-6589. Provide the authorization operator with
the following information to obtain an authorization code:
ANY CORPORATION
JANE CUSTOMER
- Product purchased
012 50
1201
- Total dollar amount
• IMPRINT the card using Form NC-H-3001. Set the levers for the correct date, product code and amount of
sale, and move the operating handle from the left completely to the right and then back to the far left position.
• RECORD the following information on all tickets to prevent chargebacks:
- Vehicle number
- Authorization number
Site
Identification
Number
Site Name,
City and State
1234567
010102
BP STATION
ATLANTA GA
12345671234567
35,126
x
x
10 0 1.25 12 50
DP
Cashier Initials
–
12 50
- Odometer reading
- Check correct box for Regular, Mid Grade, Premium, Diesel
- Service code (S=Self, F=Full)
- Quantity purchased
Customer
Signature
Product/
Quantity
Handwritten Total Dollar Amount
(Must agree with imprinted amount)
Note: Shaded areas required for commercial sales.
- Price per gallon
- Sales tax
- Total amount of sale
• OBTAIN customer signature. Verify that it matches signature on the back of the card. Return card to customer.
• PROVIDE top copy of ticket to customer. Place attached STATION and PROCESSING CENTER copies
in a secure place. (See instructions later in this section.)
If card user or card appears suspicious, call 1-800-987-6589. Ask for “Authorization Code 10.” The operator will ask you
questions that require "yes" or "no" answers, in case your conversation is being overheard. If any problem occurs with the
sale, instruct the driver to call Voyager Customer Service at 1-800-987-6591. If an error is discovered after the customer
has gone, completely block out the amount in error and handwrite the correct amount below.
4
5
Submitting Paper Tickets
Properly Completing Summary Form 36-285 (NC-155261)
Information for using 36-285 Summary Form
• Jobbers with Jobber-Dealer sites need a combination of 285 and 283 Summary Forms.
• Independent Dealers and Commission Marketers use only the 285 Summary Form.
• Paper tickets must be submitted within 11 days of date of sale.
• Remove STATION and PROCESSING copies of sales tickets (Form NC-H-3001) from locked
compartment.
• Verify imprinted total agrees with handwritten total on each ticket. If imprinted total does not agree,
draw a line through it and handwrite the correct amount.
• Add up paper tickets (Form NC-H-3001) using handwritten totals on each ticket.
• Prepare Summary Form 36-285 (see example in this section) following these steps:
- Place form into imprinter (verify imprinter date is correct).
- Move product code levers to zeros. Use all of the levers, including product code levers and dollars
and cents levers to set the total dollar amount of all sales tickets in batch.
- Move imprinter handle from left completely to the right and then return to the far left position.
- After imprinting, discard each instruction copy.
- Handwrite in black pen the type of site (Dealer/Commission Marketer), the number of tickets attached,
the total amount and then sign.
• Detach Dealer/Jobber copy of Summary Form 36-285 and STATION copy of paper ticket
(Form NC-H-3001). Retain these copies for your records for 13 months.
• Place Summary Form 36-285 (PROCESSING copy) along with sales tickets Form NC-H-3001
(PROCESSING copy) in a pre-printed envelope (Form NC-10-090D/J for Dealers/Jobbers). Before sealing
the envelope, be sure to send only the PROCESSING copy of all summary forms and tickets. (Note: The
PROCESSING copy is the last hard copy of the form.) Place forms in the correct order: the summary form
followed by tickets in sequential order. Do not send carbons. Carbons should be destroyed by cross-cut
shredding. Apply proper postage and mail.
• If you are a Dealer, Commission Marketer or Retail Contract Operator, insert the Dealer’s SVB number.
• If you are a Jobber, insert the Jobber’s SVB number.
• To prevent delay in your reimbursement make sure you:
- Do not mail adding machine tapes, rubber bands, paper clips, etc.
- Only send completed summary forms and paper tickets.
- Do not bend, fold, staple or glue completed summary forms and paper tickets.
To order pre-printed envelopes, please contact Standard Register (see Appendix B for contact information).
If you do not have a pre-printed envelope, please send manual tickets to the following address:
BP
Post Office Box 619094
Dallas, TX 75261-9094
6
7
Submitting Paper Tickets for Reimbursement
Properly Completing Summary Form 36-283 (NC-155259)
Jobbers will submit the 36-283/36-285 on behalf of Jobber-Dealers
• Verify that the totals on the Summary Form 36-283 (PROCESSING copy) and the totals for the attached
paper tickets agree and that the number of tickets listed on the summary form agrees with the actual number
of tickets attached.
• Add up totals of all Summary Form 36-283s (Dealer’s SVB number).
• Prepare handwritten Summary Form 36-285 (Jobber’s SVB number) and include:
:
- Site’s SVB number
- Total amount
- Site name and address
- Summary date
- Number of paper tickets attached
- Signature of preparer
• One Summary Form 36-285 can be completed for each Jobber-Dealer’s Summary Form 36-283
that is submitted. The 36-285 Summary Number will be identified on the Jobber payment advice.
• Or, one Summary Form 36-285 can be completed for the total dollar amount of multiple Summary Form
36-283s, submitted from more than one Jobber-Dealer. Each Jobber-Dealer must have a Summary Form
36- 283. Note: Only the 36-285 Summary Number is identified on the Jobber payment advice, not the
Jobber-Dealer 7 digit SVB number.
- Place Summary Form 36-285 (PROCESSING copy), Summary Form 36-283 (PROCESSING copy)
and paper tickets Form NC-H-3001 (PROCESSING copy) in pre-printed envelope (NC-10-090D/J)
and mail. Place forms in the correct order--summary forms followed by tickets in sequential order.
(Note: The PROCESSING copy is the last hard copy of the form.) Do not send carbons.
This form is only used by Jobber-Dealers. The Jobber-Dealer SVB number must be used on the form.
Example: If one Jobber has 10 sites, the individual Dealer’s SVB number should be indicated on Summary Form 36- 283
(NC-155259).
• To prevent delay in your reimbursement make sure you:
- Do not mail adding machine tapes, rubber bands, paper clips, etc.
- Only send completed summary forms and paper tickets.
- Do not bend, fold, staple or glue completed summary forms and paper tickets.
To order pre-printed envelopes, please contact Standard Register (see Appendix B for contact information).
If you do not have a pre-printed envelope, please send manual tickets to the following address:
BP
Post Office Box 619094
Dallas, TX 75261-9094
Jobber-Dealers
Please follow instructions as provided to you by your Jobber.
8
9
9.0 Debit Cards
Debit Card Acceptance
Debit will be activated inside for all sites. Debit acceptance outside at the dispenser is hardware-dependent. It will only
be activated outside if the site acquires the approved hardware and notifies the GBS-a.
Valid Networks for Acceptance
ACCEL
AFFN
• Sites cannot impose any surcharge or minimum purchase amount in connection with a debit
transaction. Non-compliance with this requirement may result in the elimination of debit acceptance
at the site(s) involved and/or a fine from the debit network.
• Questions regarding debit processing errors should be directed to the GBS-a at 1-888-BP-HELPU.
• Goods accepted for return, refunds or price adjustments are allowed for goods or services sold by the
Marketer, provided the Marketer makes the refund, replacement or adjustment in the same manner
as a cash transaction.
• Debit transactions cannot be completed at the POS when the device is unable to communicate with the BP
Network or when the transaction cannot be verified by the debit network. Manually-processed debit
transactions are not allowed and will result in a chargeback to the site.
• The sales cancellation feature cannot be used to issue credits to a customer’s bank account. If a customer
is overcharged after completing a debit transaction, the difference should be disputed by the customer with
their issuing bank.
10
1
9.0 Debit Cards
Debit Card Processing
10.0 BP Gift Cards
BP Gift Cards Authorization and Processing
All BP sites must accept any BP Gift Card that has the BP logo on the face of the card.
When processing debit sales, the customer will be asked to enter their PIN on the pinpad. The card is swiped
by the customer at the pinpad with the card’s magnetic stripe facing down and to the left.
Permissible Products and Services Purchased with BP Gift Cards
• All convenience store items such as food, sundries, cigarettes and beverages unless prohibited by state or local law.
Site employees are not allowed to request a customer’s PIN or assist customers in
entering their PIN.
• BP or Amoco branded motor fuels.
Products NOT Authorized for Purchase with BP Gift Cards
To enter their PIN, the customer uses the alpha-numeric keys on the pinpad followed by the “ENTER” key.
• Lottery tickets.
For processing instructions specific to your POS device, please refer to that device’s instruction manual.
• BP Gift Cards.
• Money orders (no cash advances).
If the customer requests cash back and your site participates in the Cash Back Program, the customer selects
the cash back amount using the appropriate keys on the pinpad.
Debit Card Hard Holds
Some MasterCard and Visa cards are debit cards that are tied to the customer’s bank account.
When these cards are swiped, it is possible that a “hard hold” may be placed on the account.
• When these cards are swiped, the issuing bank can place a dollar-amount hold on the customer’s bank
account.
- This hold is not placed on the account by BP.
- This hold is considered a “hard hold” of $50.00-$100.00 (may be greater depending on what the CRIND
limits are set to) and may not be removed for 3-5 days. The timeframe is determined by the issuing bank.
• When the sale is completed, the actual sale amount is also drafted from the customer’s account.
- This means that the customer has both the actual sale and the hard hold posted on their account,
until the hard hold is removed by the bank.
• Customers should be directed to their bank if they experience a hard hold on their debit card.
***Legal Notice*** Limits on Activation Amounts
• Pursuant to 31 CFR Parts 1010 and 1022, which the Department of the Treasury, Financial Crimes Enforcement
Network issued on July 29, 2011, effective as of September 27, 2011, no BP Gift Card may be sold at retail with
a balance in excess of two thousand dollars ($2,000.00). Additionally, no individual or entity shall be permitted
to purchase more than ten thousand dollars ($10,000.00) in BP Gift Cards in any twenty-four (24) hour period.
• If you encounter this suspicious activity then contact law enforcement and BP.
BP Retail Network BP Gift Cards Assistance
• For assistance with any BP Gift Card malfunctions or settlement questions, please contact the GBS-a.
See Appendix B for contact information.
• Stored Value Solutions (SVS), the BP Gift Card issuer, will assist you or your customers with BP Gift Card
customer service questions,
24 hours a day, 7 days a week. See Appendix B for contact information. Consumers may use an automated
response system or speak to a live operator to determine:
- Card purchase (load) date
- Remaining balance
- Last 5 transactions (amounts and dates)
Processing Sales
• BP Gift Cards must be tendered at the cash price. Tendering BP Gift Cards at the cash price is also
required if discount for cash (DFC) pricing is in use at your site.
• All BP Gift Cards must be processed through the BP Network.
See your Point of Sale quick reference guide or call your Point of Sale support for details.
• Manual acceptance or imprinting of a BP Gift Card is NOT authorized under any circumstances.
• BP Gift Cards may only be tendered for cash if the state law requires it.
This is done on customer request and only to the maximum required in your state. You are solely responsible
for knowing your state law on this issue.
• DO NOT sell cash advances, lottery tickets or money orders on a BP Gift Card.
• DO NOT accept a BP Gift Card as payment for a BP Gift Card.
• DO NOT accept a BP Gift Card as payment on a house account.
2
1
10.0 BP Gift Cards
10.0 BP Gift Cards
Refunds
BP FuelCircle Cards
• Refunds are not allowed for the purchase of a BP Gift Card or for items purchased with the BP Gift Card.
FuelCircle Card Authorization and Processing
All BP sites must accept any FuelCircle Reward Card that has the BP logo on the face of the card.
Ordering Cards and Carriers
• Call 1-866-369-0372 or go to www.bpconnection.com > Links > Gift Card Ordering. You will need your
site’s SVB number to place an order. Cards and carriers will be delivered (via FedEx or UPS) directly to
your site within 7 to 10 days.
What do you want?
Who are you contacting?
How to reach out …
BP Gift Cards (to sell at site)
Stored Value Marketing (SVM)
www.bpconnection.com
1-866-369-0372 (IVR)
1-800-750-3064 (Live operator)
BP Door Decals
Global Business Services-americas
(GBS-a)
1-888-274-3578
(option 5, then option 3)
BP Gift Card Balance Inquiry
Stored Value Solutions (SVS)
1-800-519-3560
Permissible Products and Services Purchased with FuelCircle Cards
• All convenience store items such as food, sundries, cigarettes and beverages unless prohibited by state
or local law.
• BP or Amoco branded motor fuels.
Products NOT Authorized for Purchase with BP FuelCircle Cards
• Lottery tickets.
• BP Gift Cards.
• Money orders (no cash advances).
BP Retail Network BP FuelCircle Cards Assistance
• For assistance with any BP FuelCircle Card malfunctions or settlement questions, please contact the
FuelCircle help desk at 1-855-731-9998. See Appendix B for contact information.
Processing Sales
Sales of any Gift Cards or Phone Cards
• Due to increased fraud, all gift cards and phone cards should not be paid for using any of the BP
Commercial Cards:
- BP Business Solutions Fuel Card, BP Business Solutions Fuel Card Plus, BP Business Solutions
MasterCard, BP Business, BP BusinessPlus
• If a retailer elects to sell gift cards or phone cards to a BP Commercial Cardholder, the site is at risk
of chargeback for the total amount of the sale.
• Business owners use BP Commercial Cards to control business expenses. It is highly unlikely for a driver to
have a valid reason for purchasing any gift cards or phone cards on a company credit card. Train your
CSRs to be on the lookout for this type of high risk activity and to request cash or other approved
payment methods for gift card or phone card sales.
• All BP FuelCircle Cards must be processed through the BP Retail Network. See your Point of Sale quick
reference guide or call your Point of Sale support for details.
• Manual acceptance or imprinting of a BP FuelCircle Card is NOT authorized under any circumstances.
• DO NOT sell cash advances, lottery tickets or money orders on a BP FuelCircle Card.
• DO NOT accept a BP FuelCircle Card as payment for a BP Gift Card.
• DO NOT accept a BP FuelCircle Card as payment on a house account.
Refunds
• Refunds are not allowed for items purchased with a BP FuelCircle Card.
Activations and Reloads
• All activations and reloads will be handled by SVM.
• DO NOT attempt to reload value back on to a FuelCircle card.
Additional Details
• For more information on the FuelCircle program, please visit www.fuelcircle.com.
2
What do you want?
Who are you contacting?
How to reach out …
To resolve a consumer issue
Stored Value Marketing (SVM)
1-855-731-9998
3
11.0 RFCO/Chargebacks/Credit Card
Request For Copy (RFCO) of Original Sales Ticket
BEST PRACTICE: KEEP ALL COPIES OF ALL TICKETS, BATCH DETAIL REPORTS, JOURNAL, ETC.,
FOR A MINIMUM OF 13 MONTHS OR THE LENGTH REQUIRED FOR YOUR BUSINESS OR LEGAL
PURPOSES. APPROPRIATELY DESTROY (BY CROSS-CUT SHREDDING) THESE MATERIALS AFTER
THE RETENTION TIME HAS ELAPSED.
BP Proprietary Cards
Reason for RFCO:
Cardholder wants information on sale or is disputing sale.
If you receive a RFCO:
• Mail or fax the legible copy as soon as possible to FirstData Merchant Services.
• Copies must be received by the date printed on the request to avoid a chargeback.
• Send one ticket copy per page of the request (retain the original ticket for your files). Include your 7 digit
SVB number, the name of a contact person at the site, your phone number, and the case number in the top
right had corner of each page with your fax or cover letter. Save your fax confirmation as a receipt. If you
mail this, it is recommended that this be sent via Certified Mail (and keep the certified signed receipt).
• You should not receive a RFCO for a pay at the pump sale if you have AVS activated.
If you do, please contact the GBS-a. Please refer to Appendix B for contact information.
• Call the GBS-a 48 hours after faxing the copy to verify it was received.
• You may also respond directly to a RFCO request in Dispute Manager.
Refer to “How to Avoid Non-Receipt of RFCO Chargebacks” in this section for more information.
Third Party Cards
Reason for RFCO:
• Credit card not processed following proper guidelines.
• Cardholder wants information or is disputing the sale.
• Sale in question may be fraudulent.
If you receive a RFCO:
• Mail or fax the legible copy as soon as possible to the GBS-a.
• Copies must be received by the date printed on the request to avoid a chargeback.
• Send one ticket copy per page of the request (retain the original ticket for your files). Include your 7 digit
SVB number, the name of a contact person at the site, your phone number, and the case number in the top
right hand corner of each page with your fax or cover letter. Save your fax confirmation as a receipt. If you
mail this, it is recommended that this be sent via Certified Mail (and keep the certified signed receipt).
• Call the GBS-a 48 hours after faxing the copy to verify it was received.
• You may also respond directly to a RFCO request in Dispute Manager.
If this is a RFCO request for either an American Express or a Discover card please include a written rebuttal letter
describing the transaction and send it along with the sales slip. If this is not sent in the RFCO will not be fulfilled
completely.
4
1
Sites can be charged back without receiving a RFCO. Depending on the reason code, some chargebacks may not be
disputable. All chargeback disputes should be directed to FirstData Merchant Services or can be handled directly in
Dispute Manager. Please refer to Appendix B for contact information.
RFCO Contact Information
Card Type
BP Card
BP MultiCard
BP Visa®
American Express
MasterCard
Visa
Discover Network
BP Proprietary Commercial
BP Business Card
BP BusinessPlus Card
Fuel Card
Fuel Card Plus
MasterCard
BP In-Station Card
Voyager
Wright Express/PHH
Response Time
Fax #
Address
RFCO - Pay at the Pump vs. POS
In some cases, pay at the pump RFCOs can be sent to the site level. Dealers and Jobbers then spend time locating
a sales draft, only to find out that the sale was a pay at the pump sale and there is no draft available.
A reference number is provided on the Acquirer Batch Detail Report or the Acquirer Batch on the Terminal Batch
Detail Report. This reference number contains information regarding the transaction, including a code for Sales Entry
Method. By identifying the Sales Entry Method, you will be able to determine if the sale took place inside at the POS
device or outside at the pump.
Reference Numbers for 7 Digit SVB Numbers
1st and 2nd digits = Approval Code
3rd digit = Sales Entry Method
0 = Attended RFID* card (Inside Transaction)
14 Days
1-402-933-1840
FirstData Merchant Services
PO Box 6603
Hagerstown, MD 21741
1 = Manual Entry
3, 5 or 7 = Inside Sale (Card Swiped)
4, 6 or 8 = Outside Sale (Pump)
9 = Unattended RFID* card (Outside Transaction)
4th and 5th digits = Batch Number
6th, 7th and 8th digits = Transaction Number
* RFID is also known as Contactless Payment.
Disputing Chargebacks
All sites must follow all procedures in the Guide. Even if a valid authorization number is obtained, the TOTAL
VALUE of the sales transaction is still subject to be charged back if the transaction is in violation of any of the credit
card policies or the Guide.
To Question or Dispute a Chargeback
Write or fax your dispute immediately upon receipt to the GBS-a.
Please refer to Appendix B for contact information.
All chargeback disputes must be processed within 14 days of the date of chargeback.
Note: This does not prevent the chargeback from drafting from a bank account.
BEST PRACTICE: KEEP ALL COPIES OF ALL TICKETS, BATCH DETAIL REPORTS, JOURNAL,
ETC., FOR A MINIMUM OF 13 MONTHS OR THE LENGTH REQUIRED FOR YOUR BUSINESS OR
LEGAL PURPOSES. APPROPRIATELY DESTROY (BY CROSS-CUT SHREDDING) THESE
MATERIALS AFTER THE RETENTION TIME HAS ELAPSED.
2
3
Chargeback Escalation Process
The GBS-a has been trained to assist Marketers in chargeback dispute resolution. The GBS-a representative will
provide a case number for this dispute. The site should record this case number along with the name of the GBS-a
representative.
Credit card chargeback resolution can take up to 60 days. Credit card chargeback disputes involving car repairs
may take longer.
If the site is not satisfied with the progress being made, follow these escalation process steps:
• Call the GBS-a and provide your 7 digit SVB number, the case number and any fax receipts for documents
previously submitted.
• The GBS-a team will investigate and respond to the site.
• For final resolution, the site may call the GBS-a. Please refer to Appendix B for contact information.
If the site does not follow the steps outlined, management will be required to go back and follow the process
established.
Invalid Signature
• Obtain a signature for every transaction (this excludes pay at the pump sales, and inside store sales under
$25.00 for Visa and sales under $50.00 for MasterCard, AMEX and Discover) and verify that the signature
on the back of the card matches the signature on the receipt. If the signatures do not match, request the
customer’s ID to verify the signature. If the signature cannot be verified:
1. Request an alternate form of payment from the customer.
2. Refund (or give a credit) for the original transaction.
• The Proprietary BP Card is transferable, which means that the name embossed on the front of the card may
be different from the signature on the back of the card. This means the cardholder is an authorized user of
the card. In these cases, the signature on the back of the card must match the signature signed on the sales
receipt. If the signature does not match, you may request additional forms of identification in order to
process these sales.
Since chargebacks can result from fraudulent credit card usage, follow the steps below
to minimize fraud at the site level.
Inside Store Sales
How to Minimize Chargebacks
When a chargeback for Invalid Signature is the result of a customer disputing a sale on his
or her credit card bill.
• The BP Proprietary Card chargeback process usually begins with a customer dispute. If a customer
notifies the issuing bank of an unauthorized charge that appears on their credit card bill, the bank treats this
transaction as a fraudulent transaction. With any fraud case, the customer is required to complete, sign and
return an affidavit stating that he or she did not complete this transaction. After the affidavit is returned, the
bank begins the chargeback process. A retrieval request is sent to the site asking for a copy of the sales ticket
in question. The site must provide this information back to the bank in the proper timeframe.
A comparison is done on these 2 documents and the signatures are matched. If the signature does
not match, a chargeback is sent to the site. If the signature does match, the customer is notified and
a chargeback to the site does not occur.
• Make sure all RFCOs are responded to via Dispute Manager. Sites can either fax or use Dispute Manager to
scan the supporting documentation and submit to FirstData.
• Store all journal tapes, manual sales tickets and end of day reports in a secure place. These tapes are by far
the easiest way for thieves to collect data on your customers. When discarding these reports, make sure it
is in a way that they cannot be read or copied.
• Do not allow any employees to bring electronic devices to work. This includes laptop computers or smaller
devices that resemble pagers. These devices can be used for skimming. Skimming data is a technique used to
perpetrate credit card fraud. These devices collect credit card data from legitimate credit cards and store
them into a database that can be used to produce counterfeit credit cards.
• Train your cashiers to be on the lookout for customers making large or multiple purchases of items such as
cigarettes, alcohol and phone cards on credit cards. Each site should have an established policy on these sales
that is communicated to all employees.
• Watch for counterfeit cards. If a card presented does not look or feel like a bank card it probably is not.
Also, remember to check expiration dates: do not accept cards that have expired.
• Finally, ask for identification if the signature on the receipt doesn’t match the back of the card or if there is
no signature on the back of the card. All American Express, Discover, MasterCard, Visa as well as BP
MultiCard and BP Visa cards can only be used by the person whose name appears on the card. Any other
usage can result in a chargeback.
• Never risk your own safety or the safety of your customers or employees.
4
5
NOTE: THIS IS NOT AN EXHAUSTIVE LIST OF ALL CHARGEBACK REASONS.
How to Minimize Non-Receipt of RFCO Chargebacks
Credit Card Chargeback Reasons
Guidelines only and not a guaranty***
Disputable/Not Disputable
Manual sales tickets received more than
11 days after date of sale
Not Disputable
• Late submission will result in a chargeback.
Transaction sale amount or other sales
information altered
Disputable: site needs to supply correct information
Prepare Information Using These Guidelines
Expired, mutilated credit card accepted
Not Disputable
• Photocopy each requested paper ticket copy along with the RFCO request onto a single page.
Only copy one ticket and its corresponding RFCO per page.
Manual sales ticket missing required information
Not Disputable
• Make sure the copies are legible.
Illegible or invalid customer account number
Disputable: site needs to supply correct customer account
number
Chargeback per site/District request or voided ticket
Disputable: site must provide correct information
Invalid signature
Disputable: if site can prove signature matches
Non-authorized transaction at the pump
Disputable: site needs to provide proof sale
was at the pump
No account number
Disputable: site needs to supply correct account number
Requested sales authorization not shown
on manual ticket
Not Disputable
Sales authorization declined at time of transaction
Not Disputable
Unauthorized transaction that exceeds the floor limit
Not Disputable
Customer disputes
Disputable: site needs to provide written explanation of
transaction
Duplicate billing - EPOS tickets
Disputable: site needs to prove 2 separate sales with same
customer signature
Duplicate billing - EPOS ticket and manual sales ticket
Disputable: site needs to prove 2 separate sales with same
customer signature
Fraudulent activity by site/employee
Disputable: affidavit received stating credit card left with
site attendant
Presentment of sales ticket or data more than 6 months
Not Disputable
Imprinted and handwritten amounts do not agree
Disputable: site needs to supply correct documentation
Dealer-required sales authorization code not shown
Not Disputable
Copy of EPOS ticket retrieval not provided (RFCO)
Disputable: site needs proof of fax confirmation or Certified
Mail
Customer disputes quality of products or
services rendered
Disputable: site needs to provide written explanation of
transaction
Reverse previous error letter or chargeback
Disputable
Positive ID not verified on non-fuel sales over $50.00
Not Disputable
Fraud activity or charge accepted in violation of
authorization procedure
Not Disputable
Invalid authorization
Not Disputable
Credit card not accepted by BP
Not Disputable
Respond to RFCO Requests Promptly
• Paper ticket copies must be received by the requester by the date indicated on the RFCO notice.
• On each page include 7 digit SVB number, phone number and name of contact.
Fax Information and Save Fax Confirmation Receipt and Verify Receipt of Response
• Faxing is the preferred method of responding to RFCO notices, but you may send information using
Certified Mail. Save your receipt/fax confirmation!
- Call the GBS-a 48 hours after faxing response to verify receipt.
File All Information for Future Reference
• Save all information, including fax confirmation receipts and copies of all Settlement Reports that show
if RFCOs were made available the preceding day. These will be needed if you dispute a chargeback.
• Without proof of response to a RFCO within the allotted time frame, a chargeback for
non-receipt of RFCO cannot be reversed and your site remains responsible for the full amount.
BEST PRACTICE FOR RFCO:
6
•
CHECK FOR RFCO EVERY DAY.
•
RESPOND TO RFCO REQUESTS PROMPTLY.
***Guidelines only–this is not a guaranty of resolution or action to be taken. The ability to dispute a chargeback may vary with
multi-reason chargeback.
All disputed credit card chargebacks should be directed to the GBS-a.
Please refer to Appendix B for contact information.
7
Chargeback Type
Steps to Avoid Chargeback
Non-receipt of RFCO
(Request For Copy of Original
Tickets)
• Make sure you retrieve your e-mail and Dispute Manager on a daily basis.
• Respond to the RFCO within the timeframe required. The due date required
is at the bottom of the RFCO.
• Ensure that you have proof of submission via fax confirmation or using
Certified Mail.
• Ensure that you fax the RFCO to the correct fax number displayed at
the bottom of the RFCO.
• Keep copies of all information sent until resolution.
Unbillable Sale
• Prior to making the sale, make sure that BP accepts the credit card as a
method of payment.
• In the case of manual sales, make sure the manual sales ticket is legible,
particularly the last copy of the ticket. The bottom copy is used to bill the
customer.
• The authorization number obtained must clearly be visible on the EPOS
sales receipt or manual ticket.
• Properly complete all required sections of manual sales tickets
(including Wright Express and other commercial cards which require
additional fields to be entered).
Invalid Card
• Do not accept a card PRIOR to the valid date or AFTER the expiration
date that appears on the card.
• Credit card sales submitted on expired cards are not valid even if an
authorization number is obtained through the issuing company.
• Do not process a sale if the card number displayed on the receipt does
not match the number embossed on the face of the card.
Addition Errors
• Make sure all manual sales tickets are included with the Batch Summary
and are added correctly.
No Imprint
• An imprint is required on all manual sales tickets and key-entered sales.
Imprint the card on a manual sales ticket.
• If the imprint is not clear or cannot be obtained, clearly print account
number, expiration date and name of customer on the manual sales ticket
with a black ballpoint pen.
No Signature/Invalid Signature • Obtain a signature for every sale (excluding pay at the pump sales).
• Compare signature on the sales draft with the one on the back of the card.
Referral Code
• If after swiping a card the POS code shows REFERRAL, the POS device is
requiring the cashier to verify identification of the person presenting the card.
This is for security purposes and does not mean the sale should be declined,
only that positive identification should be obtained.
No Authorization/
Invalid Authorization
• Obtain proper authorization on all sales.
• Do not attempt to re-authorize a sale once a decline is received. Ask for
another form of payment.
• Record a valid authorization number on “Call for Authorization” and “Referral”.
Duplicate Processed Sale
• Ensure that the cardholder is billed only once per transaction.
Late Presentment
• Submit all manual sales tickets for processing within 11 days of the date of
sale. A best practice is that sites submit tickets on a weekly basis.
Fraud Prevention Tactics
BP offers tools to help prevent fraudulent transactions.
Virtual Automated Dial Back-up (VADB)
Virtual Automated Dial Back-up (VADB) or dial back-up is a secondary method of connecting to the BP Retail
Network to process payment cards and transactions. It uses a telephone line in case the primary satellite connection
fails, so that a secure data transmission can continue. If satellite connectivity is lost, due to weather, alignment issues,
vandalism, etc. dial back-up will automatically activate and be used to process payment card transactions until the
satellite connectivity is restored.
Virtual Automated Dial Back-up is highly recommended for any site where the satellite has been tampered with in
order to commit credit card fraud. To have dial back-up, you must have a secondary phone line which must be plugged
in at all times. Use of a site’s primary phone line is not allowed. However, the line can be shared with other services like
a fax machine or an ATM. The service plan you have on the dial back-up line must have unlimited local and toll free
calling. If a site has a limited measure plan, use of a dial back-up during an extended outage may result in a higher than
normal phone bill. BP is not responsible for the phone bills associated with the dial back-up system. Any site that has
satellite installed has the ability to sign up for VADB by using the do-it-yourself installation guide found on
www.bpconnection.com (Cards > FraudGuard > VADB > Installation Guide).
Address Verification System (AVS) or Zip Code Prompting
Address Verification System (AVS) is a tool for fraud prevention. The customer is prompted to enter his or her billing
zip code as part of the sales transaction, either inside (currently with a manually entered transaction only) or outside
at the dispenser. During the authorization, the zip code that is entered is matched against the billing zip code that the
credit card company has on file. Usage of this fraud prevention feature at a retail site is at BP’s discretion and can be
activated for outside purchases. Credit cards that currently support this feature are:
• American Express
• Discover
• MasterCard
• Visa
Security ID (CVV2/CVC2/CID)
Card Verification Value (CVV2)/Card Validation Code (CVC2)/Card Identification (CID) is an additional processing
tool for fraud prevention. A 3 or 4 digit security number is printed on credit cards to help validate that a customer is in
possession of a legitimate card at the time of a sale. The cashier is prompted for the CVV2/CVC2/CID security number
during a manual entry transaction. Information for locating the CVV2/CVC2/CID security number on the card can be
found in Section 7.0. Certain sites may qualify for this tool. The credit cards that currently support this feature are:
• American Express (CID)
• Discover (CID)
• MasterCard (CVC2)
• Visa (CVV2)
Fraud Guard
Marketers have the ability to activate AVS and install VADB at their sites to help deter fraud activity and improve
connectivity.
• AVS (Address Verification System):
- If a site decides to install AVS, BP will take responsibility for outside chargebacks up to the default CRIND
limits by card type.
- If a site decides not to install AVS, the site will be responsible for all chargebacks that occur at the site.
- Marketers can activate or disable AVS by contacting the GBS-a using option 3.
- Marketers can use the Chargeback Report posted on bpconnection.com to determine which sites currently
have this technology activated. bpconnection.com (Financials > Chargeback Report).
• VADB (Virtual Auto Dial-backup):
8
- Sites can install the VADB system at any point in time. Once VADB is installed the system will begin
working immediately.
9
Fraud Prevention Best Practices
BEST PRACTICE: NEVER RISK YOUR OWN SAFETY OR THE SAFETY OF YOUR CUSTOMERS
OR EMPLOYEES.
Sales Processing
• Obtain authorization by swiping the card or calling the authorization center if the card will not swipe.
BEST PRACTICE: THE BEST WAY TO MINIMIZE FRAUD AND AVOID CHARGEBACKS IS TO
ALWAYS CHECK THE SIGNATURE ON BACK OF THE CARD AND COMPARE TO THE
SIGNATURE ON THE SALES TICKET.
BP Proprietary Card Procedures
• Make sure the credit card number that prints on the receipt matches the number on the card presented.
Please visit us at www.chase.com/bp.
• Always obtain a signature and compare the signature on the manual sales ticket to the signature on
the back of the card.
• Watch for customers who:
- Purchase large amounts of non-fuel items
such as cigarettes, beer, wine and auto supplies.
- Try to distract you while processing the sale.
- Make multiple purchases in the same day.
- Make multiple purchases at the pump.
• If you are suspicious of a card, call the authorization center for that card and ask for a “Code 10”
authorization. You should call for a “Code 10” authorization AFTER the customer has left the site and
any danger to site employees and customers has passed.
Site Managers
• Review Batch Reports and look for an excessive number of key-entered transactions. Be alert for multiple
key-entered transactions on an account in a 24-hour period.
• Store all materials containing cardholder information in a locked and secure area limited to authorized
personnel. Materials include, but are not limited to:
- Receipts
- Manual Tickets
- Journal Tapes
2
1
3
• Check expiration and valid-through dates (1).
• Make sure the name on the front of the card and card number matches the name printed on the sales receipt
(2). If suspicious, call BP Credit Card Authorization at 1-888-541-3801.
• Check signature on the back of the card with signature on sales ticket (3).
• Check ID when prompted and on all sales. Remember to write "VPI" (Verified Positive Identification)
on sales tickets for BP Proprietary Cards.
- Batch Reports
Destroy (i.e., cross-cut shred) any materials that contain cardholder information after retention
times described in the Guide. Never simply throw these materials in the garbage.
• For BP In-Station Cards:
Visa/MasterCard Security Features
- Keep the cards secure. You will be responsible for any fraudulent transactions that take place at another
site. If possible, establish a process between shifts to account for all In-Station Cards.
- Update the list of authorized users with your customers on a regular basis.
- Train your employees on how the authorized users will identify themselves.
• Do not allow employees to bring laptop computers or other electronic equipment to your site.
Laptops and other electronic equipment can be used for “skimming” or “cloning” or “sniffing”
of cardholder account information to be used fraudulently elsewhere.
• Do not disconnect or connect any equipment to either the network switch or the satellite inside unit
(PES) or modem unless specifically instructed to by an GBS-a Analyst or a BP network engineer. Changes
to the connection of card processing equipment or the card processing network are not permitted.
Sales of any Gift Cards or Phone Cards
• Due to increased fraud, all gift cards and phone cards should not be paid for using any of the BP
Commercial Cards:
- BP Business Solutions Fuel Card, BP Business Solutions Fuel Card Plus, BP Business Solutions
MasterCard, BP Business, BP BusinessPlus
• If a retailer elects to sell gift cards or phone cards to a BP Commercial Cardholder, the site is at risk
of chargeback for the total amount of the sale.
• All MasterCard account numbers begin with 5 and Visa account numbers begin with 4.
• A 4 digit number pre-printed on the card (above or below the account number) should match the first
4 embossed digits of the account number.
• The MasterCard account number embossed on the face of the card should be exactly the same as the
16 digit account number printed on the signature panel and printed on the sales draft.
• A MasterCard should have a hologram with interlocking globes showing the continents. The hologram may
be above or below the MasterCard Brand Mark on the front of the card or may be on the back of the card
or integrated into the magnetic stripe on the back of the card.
If you suspect that the card may not be legitimate, call:
MasterCard Law Enforcement at 1-800-231-1750
or
Visa Law Enforcement 1-800-FOR-VISA
• Business owners use BP Commercial Cards to control business expenses. It is highly unlikely for a driver to
have a valid reason for purchasing any gift cards or phone cards on a company credit card. Train your CSRs
to be on the lookout for this type of high risk activity and to request cash or other approved payment
methods for gift card or phone card sales.
10
11
American Express Security Features
• American Express cards are not transferable. Only the person whose name is embossed on the card
is entitled to use it.
• All American Express account numbers begin with 37.
• If someone has tampered with the signature panel, the waved printed background will appear white
or smudged.
• A duplicate account number is etched into the back of the card.
If you suspect that the card may not be legitimate, call American Express Law Enforcement at 1-800-528-2121.
12.0 Commercial Cards
The BP Business Solutions fleet card products (including but not limited to the BP Universal MasterCard, BP Business
Solutions Fuel Card, BP Business Solutions Fuel Card Plus and Branded Marketer Private Label Card) are strictly for
the use of a business fleet for purchases of retail fuel on a per vehicle basis. BP retail sites are prohibited from accepting
a BP Business Solutions fleet card to process sales of aggregated fuel (including, but not limited to, multiple vehicle fuel
sales processed in a lump sum fashion or the manipulation of sales on a transaction with prices other than the posted
price at the retail site), bulk fuel or delivered fuel transactions. All BP Business Solutions fleet card sales transactions
must be for individual sales to a single vehicle at a retail fuel site only. BP reserves the right to charge back to the
retailer any and all transactions in violation of the Guide and/or to deny customer rebates connected with
prohibited transactions.
Rules for Authorization of BP Commercial Cards
• Do not sell any gift cards or phone cards using any BP Commercial Card as the payment method.
• Purchase restrictions such as “Fuel Only” may be embossed on BP Commercial or In-Station Cards. Only
the products and services specified or embossed on the credit card can be purchased.
• Do not sell items prohibited by owner of BP Business, BP BusinessPlus, BP Business Solutions Fuel Card,
BP Business Solutions Fuel Card Plus, BP Business Solutions MasterCard or BP In-Station Card accounts.
• BP Commercial Cards should be used for commercial purchases only.
PHH/WEX Cobrand Card Authorization
The PHH/WEX cobrand card has 2 account numbers on the face of the card:
Discover Network Security Features
• The PHH account number for maintenance/repair transactions is located in the red or blue portion
of the card. This account number should never be used to process fuel purchases.
• The Wright Express (WEX) account number for fuel is located in the gray portion of the card and should
always be used to process fuel purchases.
The Wright Express card has everything embossed on the card to handle fuel only purchases.
The cashier will receive a “Fuel Only Y/N” prompt for non-fuel items when the account number
is manually entered.
Voyager Commercial Credit Card Authorization
Processing a Voyager Commercial Card
• Verify expiration date. Card is valid through the last day of the month for any year indicated.
Any sale made after this date is subject to chargeback.
• All Discover account numbers begin with 6.
• Repetitive fine line printing of the card name appears on the back or on the sides of the card.
• A duplicate account number appears in the reverse indent printed on the signature panel.
If you suspect that the card may not be legitimate, call Discover Services Law Enforcement
at 1-800-347-1111, option 3.
• Cards can be set up for “Fuel Only” or “Fuel and Other”. “Fuel Only” cards are restricted to fuel
purchases only. Any non-fuel item purchased on a “Fuel Only” card may be subject to chargeback.
“Fuel Only” restriction codes are 01, 11, 21 and 31. “Fuel and Other” cards are open to all purchases
except money orders and lottery tickets.
• If the card is a cobranded Voyager card, check in the bottom right-hand corner for the Voyager logo.
• Authorization for POS Sales: pinpad may prompt for ID number and/or odometer reading.
• Manually entered transactions are allowed since the site can enter the 2 digit fleet code from the
embossed card.
• If a card user appears suspicious, call 1-800-987-6589. Ask for “Authorization Code 10.” The operator
will ask you questions that require only “yes” or “no” answers, in case your conversation is being overheard.
• If a problem occurs with a sale, instruct the customer to call Voyager Customer Service at 1-800-987-6591.
12
1
Fleet One Local Credit Card Authorization
Processing a Fleet One Local Commercial Card
• Verify expiration date. Card is valid through the last day of the month for any year indicated. Any sale made
• If the card is a cobranded Fleet One card, check in the bottom right-hand corner for the Fleet One logo.
• Manually entered transactions are allowed.
• The customer may be prompted for Odometer and Vehicle number.
• If a problem occurs with a sale, instruct the customer to call Fleet One Customer Service at 1-800-357-7587.
Fuelman Credit Card Authorization
Processing a Fuelman Commercial Card
• Verify expiration date. Card is valid through the last day of the month for any year indicated. Any sale made
• If the card is a cobranded Fleet One card, check in the bottom right-hand corner for the Fleet One logo.
• Manually entered transactions are allowed. If no expiration date is embossed on the card, 12/99 should be
entered by the cashier.
• The customer may be prompted for Odometer and Vehicle number.
Applying for BP In-Station Cards
• If a customer is interested in this product, please have him or her complete and return a BP Business
Solutions application. Be sure he or she checks the In-Station box on the application and then fill in your
site name, 7 digit SVB number and phone number.
• If the customer is approved for credit, the card will be sent to the cardholder, who will be responsible for
bringing it to the site.
• If the customer has questions regarding their application, please ask them to call the BP Commercial Card
Application Processing Center at 1-800-348-7959.
When a Customer Brings in a New In-Station Card
• Verify from the business owner/manager which employees are authorized to use the card and how they will
identify themselves to your employees.
BEST PRACTICE: TO AVOID CHARGEBACKS, KEEP A LIST OF EMPLOYEES AUTHORIZED TO
USE EACH BP IN-STATION CARD AT YOUR SITE AND UPDATE IT REGULARLY.
In-Station Card Procedures When Site is Closing
Processing of Manually Entered BP Commercial Cards
If your site will be closing, either temporarily or permanently, it is necessary to secure any In-Station Cards. Even
though they have your In-Station number on them, they can be used at any site if the customer’s card number and
account are valid. If the card is misused or used fraudulently, even if the transactions are not from your site,
you will be responsible for those charges.
For the BP Business, BP BusinessPlus, BP Business Solutions Fuel Card,
BP Business Solutions Fuel Card Plus or BP Business Solutions MasterCard:
Customers should also be notified that your site is closing so they may use a new In-Station Card at the alternate
BP site of their choice. Please follow these steps:
• If a problem occurs with a sale, instruct the customer to call 1-800-877-9013.
• Key-in the account number and the expiration date on the point of sale.
• The customer may be prompted for ODOMETER, DRIVER ID and VEHICLE number at the pinpad.
• The customer should key in the data for each prompt at the pinpad.
• Whether or not the customer receives any fleet prompt, be aware that the customer should respond to the
TOTAL CORRECT Y/N prompt at the pinpad accordingly.
In-Station Card Processing
BP In-Station Cards are preferred by some commercial card customers so that their drivers do not have to carry a card
with them. This option is offered on the BP Business and BP BusinessPlus credit card programs and also available on
the BP Business Solutions Card program.
In-Station Cards have security features that prevent the use of the cards at the pump.
In-Station Cards do not have security features that prevent the use of the card at another site.
It is the site’s responsibility to keep BP In-Station Cards in a secure location and to instruct cashiers on the proper use
of these cards. The site should keep a list of each card’s authorized users that must be regularly maintained for accuracy.
If an unauthorized user uses the card or the card is used at another site and the customer disputes the sale, the site
where the card was originally kept may be charged back for that transaction. Misuse or fraudulent use of an
In-Station Card will result in a chargeback to the site and may also subject the user to criminal prosecution.
In-Station Cards are intended to be used only inside the site, not at the pump. If a card is used at the pump, an
exception is automatically generated on reports included with each commercial customer’s monthly statement. If the
customer chooses to dispute a sale made at the pump, the site will be charged back for that transaction.
Remember, each Marketer is responsible for the acts and omissions of his or her employees’ compliance with all
regulations and instructions in the Guide and the updates to the Guide.
• Before closing, verify the date your site will close. Allow at least 6 weeks lead-time to complete the process
by the time of closing.
- If your site will be re-opening, make a list of the account numbers and customer names.
- Decide how you will secure the In-Station Cards.
- If your site will not be re-opening or if it will re-open with a new SVB number,
destroy the In-Station Cards as soon as you are closed.
- Do Not leave the In-Station Cards where they may be found and used at another site.
• Determine the best BP sites for your customers to use while you are closed. Make a list that includes the
names, addresses and SVB numbers of those sites.
• Fax location closing information to: Manager, Customer Service at 1-800-420-8061 or e-mail closing
information to: [email protected].
- The following information must be included in the fax or e-mail:
Site Name
SVB Number
Site Address
Contact Name
Contact Phone Number
Closing Date
Re-Opening Date (if applicable)
New SVB Number (if this is changing)
Alternate BP Sites
Addresses of Alternate BP Sites
2
3
In-Station Card Procedures When Site is Closing (Continued)
- If your SVB number will not be changing, also include account numbers and company names
of your In-Station Card customers. Remember to secure In-Station Cards.
• The In-Station Card customer will be contacted with information about when your site will close (and
re-open, if applicable), alternate BP sites and how to receive a new In-Station Card for their employees’ use.
Call BP Commercial Cards Customer Service at 1-800-299-5766 with any questions.
13.0 BP Pump Rewards Programs
Price Rollback technology enables instant cents-off-per gallon to the consumer at participating locations. If you do not
have capabilities for Price Rollback at your site(s), please contact your sales representative.
BP has several loyalty reward programs that utilize this technology platform. This includes BP Driver Rewards Loyalty
Card, BP Visa, BP Card, Single-Use Reward Cards and Single-Use Reward Codes. The specific BP Loyalty Rewards
Programs offered vary by region and specific programs listed may not be available at some locations. If you have any
questions related to participation please contact your sales representative.
BP Pump Rewards Program Offers
More complete information including the terms and conditions can be found on bpconnection.com.
BP Driver Rewards Loyalty Card
• BP Driver Rewards is a non-payment loyalty card that allows card members to earn and redeem cents-offper-gallon rewards on fuel purchases as long as they meet qualifying program criteria. BP Driver Rewards
card members earn and redeem at participating BP stations with a single card swipe. Rewards are earned and
redeemable only at participating BP locations with operable electronic transaction networks. Terms and
conditions apply. See bpdriverewards.com for details and participating locations.
BP Visa® and BP Card
• BP Visa and BP Card are payment cards that allow cardholders to earn cents-off-per-gallon rewards on
qualifying purchases made with their BP Visa and BP Card. They can then redeem their rewards at
participating BP stations with a single card swipe. Details of how to process payment cards can be found in
section 4.0 of this payment guide. BP Visa rebates expire at the end of the 12 calendar months after the
month the rebates were earned.
Single Use BP Cents per gallon Rewards Card
• Single use consumer cards that offer a cents-off-per-gallon reward on fuel for amount
of promotion. Amount of promotion varies and is always only the amount printed on the card being
used. Rewards are subject to expiration printed on the card. Consumers redeem their rewards by swiping
the Single-Use Rewards Card, which is valid up to 20 gallons. Any unused rewards from the purchase are
forfeited. May not be combined with other offers. Rewards are earned and redeemable only at participating
BP locations with operable electronic transaction networks. Terms and conditions apply.
See mybpstation.com/station-finder for details and participating locations.
4
1
Driver Rewards Registration Reporting
Driver Rewards registration reporting can be found on bpconnection.com > homepage. These reports will provide
current information on status and performance on the Driver Rewards program.
Single-Use BP Cents per gallon Reward Codes
• Single-Use code that consumers can enter at the dispenser or on the pin pad that will provide
a cents-off-per-gallon reward on fuel for the amount of promotion. Amount of promotion varies and is
always printed on the front of the code being used. Not all dispensers will allow the entry of a code; this is
dependent on capabilities of the dispenser. Up to 20 gallons and any unused rewards from the purchase are
forfeited and cannot be combined with any other offer. Rewards are earned and redeemable only at
participating BP locations with operable electronic transaction networks. Terms and conditions apply.
See mybpstation.com/station-finder for details and participating locations.
BP will from time to time change and/or develop new pump rewards programs and or offers.
BP Driver Rewards FAQ’s
How do I get enabled for Driver Rewards?
Do It Yourself Instructions are available at bpconnection > programs > better payments and rewards > BP Driver
Rewards > Pump Rewards installation + deployment > DIY Program offer
How does a consumer register their BP Driver Rewards Loyalty Card?
Consumers should visit bpdriverrewards.com and click the Register Your Card button. They will then be asked to enter
their card number as well as some additional information so that BP can contact them about the BP Driver Rewards
program and specific information pertaining to their BP Driver Rewards account.
BP Driver Rewards Processing Details
Processing steps vary based on point of sale and transaction type, please refer to bpconnection.com >Financials >Better
payment & rewards for details.
How are rewards redeemed with the BP Driver Rewards Card?
Cents per gallon rewards can be redeemed at the pump at participating BP sites. To redeem cents per gallon rewards at
the pump, a card member swipes their BP Rewards Card at the beginning of the transaction and is then asked on the
prompter if they would like to redeem their rewards. If they choose yes, the price automatically rolls back to the amount
of cents per gallon rewards available. The maximum rewards allowable for each purchase is automatically used up for 20
gallons each transaction. Any unused rewards on each purchase are forfeited. However, the price will never roll back to
less than $.109 per gallon.
How can a cardholder find out their current rewards balance?
Card members can find their BP Driver Rewards balances by logging into bpdriverrewards.com. or balance inquiries can
be initiated by the cashier at the register. Once initiated, the card member swipes their BP Driver Rewards Card on the
PIN pad. The earned rewards amount will be printed on a receipt.
Who should I contact for help?
For Site settlement and PRB issues please call the GBS-a at 1-888-BP-HELPU option 5, 4.
For processing or POS issues please call 1-888-BP-HELPU option 3, 2.
2
3
BP Cents per Gallon Rewards Cards & Codes
4
5
14.0 Price Rollback Settlement
The price rollback fees vary by program and are available on bpconnection.com > Financials >
Price Rollback program fee matrix
There are several reports on the EPS that provide information on the Price Rollback (Loyalty) transactions.
These are retained on your EPS for up to 3 days. These reports must be printed EVERY DAY to reconcile
with settlement. Missing sales and/or batches WILL NOT be recreated if these reports are not printed.
•
•
•
•
•
•
Terminal Batch Loyalty Detail Report
Loyalty Discounts by Type Report
Loyalty PPU Transaction Detail Report
Loyalty PPU Totals by Grade Report
Reward Settlement Report
Loyalty Earn Report by Grade
Each POS will display a set of menu options (typically located under Network Reports) that will provide access to the
printing of these EPS reports. When you navigate through the Network Report options, you will find a list of available
EPS reports. Please refer to your specific POS manufacturer’s documentation to find details on how to access these
reports.
In addition to the six EPS reports discussed here, your POS may offer additional loyalty information within the End of
Day and/or Back office reports (if applicable). Please refer to your specific POS manufacturer’s documentation for more
details.
If your site uses a back office system that interfaces with your
POS, you will need to contact your service provider
to determine if any configuration changes are needed so that
loyalty transactions are accounted for properly.
Request this report by Terminal Batch number. The report will
contain individual loyalty account numbers and the associated
rewards redeemed for all loyalty transactions. This includes
rewards where the price rolled back at the dispenser (typically
pre-pay and CRIND transactions) AND transaction level
rewards (typically post-pay transactions) where the customer
has already fueled at the full posted price and had loyalty
redemption applied when paying inside. In addition,
there will be batch totals for sales and rewards.
D E S T R O Y A F T E R
U S E
D O N O T J U S T D I S C A R D
DLR # 9999999
Printed: 03/25/11 09:10:10:00
Terminal Batch 999
03/25/11 09:10:10 DLR# 9999999
WORKSTATION ID 001
Loyalty Host: Excentus
Account No.
Total
Discount
41111111517
16.95
0.92
41111111518
24.97
0.83
41111111510
9.01
0.42
TICKET TOTAL
DISCOUNT TOTAL
Loyalty
Account No.
4266514200181234
4266514200184567
4266514200187890
50.93
2.17
Host: VCMG
Total
Discount
31.24
1.70
20.65
1.28
22.04
0.48
TICKET TOTAL
DISCOUNT TOTAL
73.93
3.46
Summary Discounts for all Loyalty Hosts
TICKET TOTAL
DISCOUNT TOTAL
124.86
5.63
D E S T R O Y A F T E R U S E
6
1
Reward Settlement Report
DLR # 9999999
Printed: 03/25/11 09:09:05:00
Request this report by Terminal Batch number. To run the
report for the current open Terminal Batch, press “0” for the
Terminal Batch number. The report will contain a summary total
of Price Per Unit (PPU) rewards. These are rewards where the price
Terminal Batch 999
rolled back at the dispenser and are typically pre-pay or CRIND
PPU
TICKET
TOTAL $
transactions. It also provides a total for ticket rewards. These are
DISC
DISC
transaction level rewards that are typically post-pay transactions
3.52
2.11
5.63
where the customer has already fueled at the full posted price and
had loyalty redemption applied when paying inside. A total for
both transaction types is provided as well.
Total Pre-Pay
Total Post-Pay
Total Rewards
Rewards Received Rewards Received
Redeemed
U S E
Reports on bpconnection.com
Member-ID
Grade
Street-Price
Volume
Total-Disc
PPU-
Disc
Total-Sale
03-25-11
14:12
1
03-25-11
14:15
3
03-25-11
14:23
1
03-25-11
14:30
3
426651400189174
001
2.109
15.620
1.70
4266514200189158
019
5.109
4.408
0.48
41111111517
001
2.109
8.477
0.92
41111111510
002
3.109
3.034
0.42
Total Volume
Total Discount
Total Sale Amount
CNT
6
Number of
Transactions
AMOUNT
5.63
FEE
.030
NET
5.48
Total
Discounts
• Driver Rewards Summary Report
Provides the gross, fee and net amounts by
jobbership or by site, depending on the level of
access. This report should be viewed daily and
reconciled with your Terminal Batch Loyalty
Report and Reward Settlement report.
Terminal Batch 999
Time
Pump#
Site ID: 9999999
Loyalty Report
BCIDDATE
999 0325
DLR # 9999999
Printed: 03/25/11 09:15:10:00
Date
Rewards Settlement
DLR # 9999999
Printed: 03/25/11 09:09:00:00
On bpconnection.com > Financials > Driver Rewards
Settlement, you will find 3 reports:
Request this report by Terminal Batch number. The report will contain
a list of transactions made at the dispensers where the price rolled back.
These are typically pre-pay and CRIND transactions. It contains the most
details of the transaction including Date/Time, Original Prices, Reduced
Prices, etc. It includes summary total volume dispensed, total rewards, and
total amount paid. This report does not include transaction level rewards
(typically post-pay).
This report is under the EPS Network Mail reports
menu. The report will show the total net amount by
terminal batch that will be paid. This report should
be printed daily.
0.109
31.24
• Driver Rewards Notifications
Provides information by site by day and
includes, gross, fees and net amount deposited
to your bank along with the total gallons and
total number of transactions.
0.109
22.04
0.109
16.96
0.140
9.01
31.539
3.52
79.25
Total
Discounts
Fees
Paid
• Driver Rewards Detail
Provides information by site by day by program type and includes gross, fees and net amount along with end
of day number and transaction count.
U S E
Request this report by Terminal Batch number. The
report will contain a summary total of rewards and volume
redeemed by grade where the price is rolled back. These
are typically pre-pay and CRIND transactions. This report
does not include transaction level rewards (typically
post-pay).
Loyalty Earn Report by Grade
Request this report by Terminal Batch number. This report
contains summary totals of transaction count, fuel volume
and sales by grade for earn transactions. This report also
includes batch level summary of earn transactions, fuel
volume and total sales.
DLR # 9999999
Printed: 03/25/11 09:09:00:00
Terminal Batch 999
GRADE
019
001
002
COUNT
1
2
1
VOLUME
4.41
24.10
3.03
DISCOUNTS $
0.48
2.62
0.42
Driver Rewards Reconciliation
The Terminal Batch Loyalty Detail Report will show Discount Total for all loyalty
transactions for a terminal batch. That amount minus any fees is what will be paid
to the site. The Reward Settlement report and the Driver Rewards Summary screen
on bpconnection.com will show the gross total (discount total), fees and the net
that is paid.
Rewards Settlement
DLR # 9999999
Printed: 03/25/11 09:09:00:00
CNT
6
AMOUNT
5.63
FEE
.030
03/25/10 09:10:10 DLR# 9999999
WORKSTATION ID 001
Loyalty Host: Excentus
Account No.
TotalDiscount
41111111517
16.950.92
41111111517
24.970.83
41111111510
9.01 0.42
TICKET TOTAL
DISCOUNT TOTAL
Site ID: 9999999
Loyalty Report
BCIDDATE
9990325
U S E
DLR # 9999999
Printed: 03/25/10 09:10:10:00
Terminal Batch 999
NET
5.48
Account No.
4266514200189174
4266514200189133
4266514200189158
TICKET TOTAL
DISCOUNT TOTAL
50.93
2.17
TotalDiscount
31.241.70
20.651.28
22.040.48
78.93
3.46
Summary Discounts for all Loyalty Hosts
TICKET TOTAL
DISCOUNT TOTAL
124.86
5.63
U S E
2
3
Appendix A FAQs
Card Processing
Q. How do I cancel a credit card sale?
A. Cancelling a credit card sale can be handled in one of two ways. It can be cancelled through your POS device (POS
capability and site management discretion) or the cancellation may be phoned in to the GBS-a. Please refer to
Appendix B for contact information.
Q. How do I process a credit card if the magnetic stripe is bad?
A. Key-enter the sale, but be sure to get an imprint of the credit card using form NC-H-3001 and have the customer
sign the imprinted form NC-H-3001. See Section 8.0 of the Guide for more details.
Q. What should I do with an imprinted sales ticket?
A. Keep the imprinted sales ticket on manually key-entered sales for a minimum of 13 months in case the customer
disputes the sale. (To avoid double billing the customer, do not submit the imprinted form for payment on
key-entered sales.) Keep these tickets and all tickets in a locked and secure place to protect cardholder
information and prevent fraudulent use.
Q. How long am I required to keep copies of my electronic and manual sales ticket transactions?
A. Sites are required to keep electronic journal tapes and manual sales tickets for a minimum of 13 months. All
materials containing cardholder information (i.e., electronic journal tapes and sales tickets) should be kept in a
locked and secure area. Appropriately destroy (i.e., cross-cut shred) these materials after the retention time
has elapsed.
Q. Is it possible to turn off the Cash Back feature?
A. Yes. The Cash Back feature is set-up at the time of install. The default is No Cash Back. It is only turned on when
the Marketer specifically requests it. A recent EPS software upgrade caused the Cash Back feature to be turned on
at a number of sites. If Cash Back is on and you want it off, please contact the GBS-a at 1-888-BP-HELPU.
Q. Why are some of my credit cards not prompting for signature?
A. No signature is required for purchases under $25.00 made with a Visa, or $50.00 for MasterCard, American Express,
or Discover Card. You should not receive a RFCO or chargeback for these transactions. Should you receive a RFCO
or chargeback for one of these transactions, please call the GBS-a. Refer to Appendix B for contact information.
Please be advised the card companies may change these values.
Chargebacks, RFCOs and Fraud
Q. How do I prevent chargebacks on manually key-entered sales?
A. Manually key-entered sales require an imprint of the customer’s credit card and their signature on an NC-H-3001
manual sales ticket. Periodically review manually entered transactions for potential fraudulent activity.
Q. I received a chargeback for Late Presentment of a Manual Credit Card Sale. What is this?
A. All sales must be processed by the issuer within 30 days of the transaction date. Therefore, be especially aware
of submitting your manual sales tickets in a timely fashion. BP recommends submitting all manual sales tickets
on a weekly basis.
Q. I received a chargeback for Non-Receipt of RFCO and I have proof that I sent this request in
within the timeframe required. What should I do?
A. Marketers who believe they have received a Non-Receipt of RFCO chargeback in error can contact the GBS-a.
Please refer to Appendix B for contact information. The Marketer must be able to provide proof that the RFCO was
received within the correct amount of time. Fax confirmation is the best proof or a signed Certified Mail receipt.
4
1
Appendix A FAQs
Appendix A FAQs
Q. What should I do if I receive a RFCO for a pay at the pump sale?
Q. Why would a rewards account become locked?
A. Ordinarily, you should not receive a RFCO for a pay at the pump sale. If you do, call the GBS-a.
Please refer to Appendix B for contact information. Refer to Section 11.0 for instructions on how to identify
a pay at the pump sale.
A. There are 3 ways a rewards account can become locked:
Q. On a bank card transaction, I never received a RFCO and now I have been charged back. Do I
have any recourse?
A. Yes. As a merchant, you have the right to challenge any chargebacks received whether or not a RFCO was sent
to your site. Contact the GBS-a and they will assist you in disputing these types of chargebacks.
Q. If after I receive a RFCO I settle the dispute directly with the customer, do I still have to send
in a copy of the ticket?
A. Yes, absolutely. Failure to send in a copy of the ticket under any circumstances will result in you being charged back.
Recall that an automatic timer is set at the time the RFCO is created. If that timer is not turned off, as it is when the
credit card processor receives a copy of the requested ticket, a chargeback will be generated automatically.
1. Rewards card was swiped but consumer did not fuel or cancel the transaction.
2. Rewards card was swiped but credit/debit card fails and consumer is prompted to see the attendant.
3. POS does not send rewards host a ‘Cancel’ when the ‘Error Correct’ key is used.
Q: What should I do if my site goes down or I am unable to process Price Rollback transactions?
A. For issues involving connectivity, please call the GBS-a at 1-888-BP-HELPU
(1-888-274-3578). Select option 3, then option 1.
Q: What if my site doesn’t support Price Rollback?
A. BP provides a Do-It-Yourself process for making your site Price Rollback capable. Contact your Jobber to see if your
site qualifies and how to get started.
Other Questions
Price Rollback
Q. What is Price Rollback?
Q. I have called the GBS-a and I am not reaching resolution on my chargeback issues.
What can I do?
A. Price Rollback is technology that allows consumers to redeem rewards with a rewards card or code and watch the
price roll back instantly, right at the pump.
A. The Chargeback Escalation Process is outlined in Section 10.0 of the Guide.
Q. How does Price Rollback work?
A. Consumers may obtain cents-per-gallon rewards through a variety of rewards programs. Programs vary by market
so check with your Jobber for details. To redeem rewards, consumers simply visit a participating BP site and follow
the instructions provided.
Q. Why didn’t the price roll back when rewards card was swiped?
Q. Will CommLinx enable Discount for Cash (DFC)? How?
A. Yes, Discount for Cash will be available with CommLinx Ruby software. Contact your Ruby Representative (VASC)
for instructions on how to utilize this function. G-SITE EPS software does not support DFC.
Q. If a site doesn't have a computer to access www.bpconnection.com, how can they receive
their mail and Settlement Reports?
A. Settlement Reports are available on the POS, but they do not print automatically.
A: There are several reasons a transaction may not work:
1. For single-use cards and codes, if a credit/debit card was swiped/entered BEFORE the rewards card or code,
rewards will not be offered.
2. There is no balance available on the rewards card.
3. The rewards card is locked.
4. The account is linked to another card that already used the rewards.
5. There is no connectivity to the network and Price Rollback transactions are temporarily unavailable.
6. The card was not properly activated or registered.
Q. Is there a limit on gallons purchased with rewards?
A. Each program will have a maximum number of gallons per redemption transaction. See terms and conditions of
particular program for gallon limits. If the maximum number of gallons is not purchased, any unused rewards on the
purchase are forfeited. If the consumer wishes to purchase more than the maximum number of gallons, they will
need to first complete the initial transaction using their rewards, and then begin a new transaction.
2
3
Appendix B Important Phone Numbers
Important Credit Card Authorization Information Numbers
Credit Card Authorization
Phone Numbers
BP Card and BP MultiCard Authorization
1-888-541-3801
BP Visa Card Authorization
1-888-541-3801
BP Gift Card Balance Inquiry/Activation
1-800-519-3560
BP Business, BP BusinessPlus, BP Business Solutions
Fuel Card, and BP Business Solutions Fuel Card Plus
1-800-414-6977
BP Business Solutions MasterCard
1-800-760-8870
MasterCard and Visa
1-800-447-1196
All Other Cards
See Section 2.0
Payment Card Support (includes Settlement, ClientLine, Chargebacks, Dispute Manager)
FirstData Merchant Services (Credit Card Support)
1-888-BP-HELPU,
FirstData Merchant Services (Credit Card Support) Fax
Option 5, 2
1-402-933-1840 (RFCOs)
1-402-933-1525 (Chargebacks)
1-866-381-4950 (Missing Transactions)
Hardware (EPS, POS, Connectivity)
GBS-a (EPS)
1-888-BP-HELPU,
Option 3, 2
1-888-BP-HELPU,
Option 5, 4
GBS-a Price Rollback Settlement
Customer Numbers
BP Private Label Card Customer Service
1-800-445-6106
BP Visa Customer Relations
1-800-278-4721
BP Private Label Card
BP Private Label Lost/Stolen Credit Cards
BP Commercial Card Applications
See Take-One Application.
1-800-445-6106
1-800-348-7959
Fax: 1-800-348-7960
BP Commercial Card Customer Service
(BP Business, BP BusinessPlus, BP Business
Solutions Fuel Card and BP Business Solutions Fuel
Card Plus Accounts)
1-800-299-5766
BP Business Solutions MasterCard
1-800-760-8870
BP Consumer Relations Hot Line - Consumers
1-800-333-3991
Guaranteed Gas
1-800-333-3991
BP Gift Card Customer Service (SVS)
1-800-519-3560
FuelCircle Customer Service (SVM)
1-855-731-9998
Fleet One Customer Service
1-800-359-7587
Credit Card Forms & Supplies
Standard Register (credit card forms, paper goods,
credit card take-one applications, Payment Guide, Wall Chart)
1-800-627-7476
BP Gift Cards and Carriers
Manual Imprinter - Addressograph Bartizan
1-800-633-9143
1

Introduction - bpbetter.com

Transcription

Similar documents

Joey Reznicek, Owner/Manager Salerno`s restaurant and pizzeria

DUKUNGAN SISTEM OPERASI OPERATING SYSTEM SUPPORT

Visa Rewards Redemption

Pog Mo Thoin Data Sheet

to teach all students - Akiba

catering college.cdr

INVESTMENT focuS - Castanea Partners

Credit Card Payment Form

OmegaLite USI supports Gilbarco`s PAM 1000 protocol, allowing

INVESTMENT CRITERIA ACTIVE PLATFORM