How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.
Ask TexLaw Your Own Question
TexLaw
TexLaw, Attorney
Category: Legal
Satisfied Customers: 4430
Experience:  Lead trial/International commercial attorney licensed 11 yrs
17219180
Type Your Legal Question Here...
TexLaw is online now
A new question is answered every 9 seconds

As a web subscription business we have customers credit card

This answer was rated:

As a web subscription business we have customers credit card info sent to us. As you know credit cards have expiration dates. So customers have given our business the permission to charge their credit card. So when credit cards expiration date happens, we have to contact that customer to get the new credit card expiration date. Is it illegal to enter a new expiration date say one year, two years, or three years on our own in order to charge a customer for what they agreed to pay for but simply try to update the expiration date ourselves without contacting the customer?

if not, is there any way to have a customer agree to allow us to do that via some kind of terms agreement?
Hi,

Thank you for your question.


You could do this with the customers written authorization. However, I'm curious as to how you would be able to determine what the new expiration date is? Would you just guess until you get it right?
TexLaw and 5 other Legal Specialists are ready to help you
Customer: replied 3 years ago.

yes, we would guess until it went through or create software that would do the guessing for us until it goes through. would acceptance to a terms online be enough to do this or would it have to be written consent?

Either way works. You would do it in the terms that are accepted when the customer provides the credit card information to you in the first place.

One question though, is there any possibility that a complication may arise from repeatedly attempting a charge until your guess is right on the expiration date (such as a fraud alert to the customer or something similar)? The issue being that you would want to avoid causing any sort of harm to the customers credit.
Customer: replied 3 years ago.

no, the software stops as soon as it goes through, so no fruad.


 


one more question, same subject.


 


So currently we have a system that actually stores customers cc info on our side and we process payments by passing that cc info on our system to the gateway and then the gateway charges them.


 


We are moving to a new system using the same gateway however, instead of storing the cc info on our side and passing that info to the gateway every month, this new system will store the cc info and then we will id customers on our side to the gateway side using a secure token. That way we don't have to worry about compliance or so much security on our side and we let the gateway handle that.


 


However there has to be an initial passing of the current credit card info from our current system to our gateway before we go to the token system. Do we need authorization to do this or since they are already customers and approved of being charged in our current terms, is that enough to protect us in order to do this one initial pass of info to the gateway and then the gateway stores it, assigns a token and then we go to the token system?


 


Keep in mind, the gateway we are using for this new token system is the exact gateway and merchant id we are currently using now, so we are simply changing the method by which we do transactions and moving the cc info off our side and onto the gateway side.


 


Thanks for your help!