ACH (Automatic Clearing House) direct debit processing is one of the ways your nonprofit can collect online donations. ACH direct debit donations are made using a donor’s bank account number and routing number (found on the bottom of a personal check).
ACH direct debit is an easy way for donors to set up recurring donations that are taken out of their bank account each month.
Every time someone makes an online donation, they must input a minimum amount of information to complete the transaction. And if your payment processor integrates with all of your other types of fundraising software, then your donor data will be synced regardless of whether a donor made a contribution using a mobile bidding app, text-to-give tool, or standard donation page!
PCI Compliance deals with a payment processor’s abidance to the payment card industry’s data security standards (PCI DSS).
There are a dozen rules and strict standards that the payment card industry has in place to protect both consumers and organizations (businesses and nonprofits) from fraudsters and thieves.
Payment processors will often charge nonprofits an annual PCI compliance fee to ensure that they are able to meet the payment card industry’s standards.
PCI compliance is extremely important from both a legal standpoint and a moral one.
If a nonprofit chooses a payment processor that is not PCI compliant, they will likely lose the ability to process donations and could face hefty fines for each transaction that went through the processor while it was not in accordance with the PCI’s guidelines.
Additionally, maintaining strict PCI compliance is crucial for gaining and keeping donors’ trusts. If supporters feel like their information is being put at risk, they are less likely to continue making those contributions.
AVS, or Address Verification System, is a way to check the legitimacy of a credit card transaction. It compares the address that a donor gives on a donation form to the address that is on file with that supporter’s credit card company.
AVS allows nonprofits to spot fraudsters quickly. If an address doesn’t match with the one on file with the credit card company, the payment processor notifies the nonprofit and holds the transaction until the donor’s information is verified.
BIN checking, or Bank Identification Number checking, is a form of fraud protection for ACH direct debit transactions. BIN checking analyzes the bank account number that a donor provides during a transaction and confirms (or denies) that it is legitimate.
ACH direct debit fraud is not as common as online credit card fraud, but it is still a way for fraudsters to cheat people out of their money and fool nonprofits. BIN checking is a simple but effective way to make sure that an ACH direct debit transaction is authentic.
Card not present fraud (or online credit card fraud) occurs every day. Most fraudsters will steal credit card numbers and use them for their own personal use.
But in order to check that the stolen numbers can be used, many scammers will make a small donation to a nonprofit.
If the contribution goes through, they know that the card number is still good, at least for a little while longer.
An easy way to detect this type of online credit card fraud is to be on the lookout for small, often random donations.
If you see contributions for amounts like $1.59, $2.47, or $3.13, it might be a fraudster trying to test a stolen credit card on your nonprofit’s donation page.
Another easy detection method is using an address verification system (AVS). If the address that a donor gives doesn’t match up with the address on file with their credit card company, a red flag should appear.
Avoiding all credit card fraud is impossible, but your nonprofit can minimize the number of occurrences of fraud with a few simple tips.
First, create a minimum donation amount of $15. This will deter many fraudsters from using your donation page as a testing ground for stolen credit card numbers (plus, it boosts your average gift size!) Additionally, use AVS for all credit card transactions. If something looks fishy, you should establish additional verification options to determine a card’s legitimacy.
Finally, require card verification codes on your donation forms. This additional level of security will discourage many scammers from making fraudulent donations.
A credit card refund scam is a different type of credit card fraud. It usually involves a scammer making a large donation, say $3,300. The next day, they contact the nonprofit and explain that the “donation” was made in error; they only meant to give $33, but incorrectly typed in the amount.
They then ask for a refund to a different credit card or by check, but tell the nonprofit that they can keep a portion of the donation.
The unaware nonprofit refunds the large donation to the scammer, getting hit with a chargeback fee in the process.
Truthfully, the only way to detect a credit card refund scam is to be wary of donors who ask for refunds on donations.
While there will be honest supporters who truthfully made an incorrect contribution, it’s always wise to be on the lookout for suspicious “donors” who request refunds on large donations to other credit cards or via check.
While there is no surefire way to avoid a credit card refund scam, your nonprofit can put measures in place to ensure that fraudsters aren’t making off with other people’s funds.
Simply, your nonprofit should never refund a donation to another credit card or via a mailed check. A “donor” who requests this is likely a scammer. While you will have to refund the large donation to the actual owner of the credit card, you won’t be responsible for helping a scammer make off with a lot of money.
ACH fraud is similar to a credit card refund scam. However, after asking for a partial refund on a large donation, the scammer will then contact their bank and tell them that the charity took the wrong amount, resulting in two large refunds for the fraudster.
Again, detecting ACH fraud is all about looking for suspicious refund requests. If a donor claims that a donation was made in error, they might be telling the truth. But if they say that they want the refund made to a different account or with a check, your nonprofit should pay more attention.
You might not be able to avoid all ACH fraud, but if you refuse to refund donations to other accounts or via check, you can greatly minimize the instances of ACH fraud.
Arguably, learning about the integration options that a payment processor has is one of the most important steps in selecting a payment processor. If a payment processor doesn’t integrate with your other pieces of fundraising software, you will have to manually input and sync all of the data from each piece of software.
To avoid this data nightmare, select a payment processor that integrates with all (or at least most) of your other fundraising software.
With each piece of fundraising software using the same payment processor, it doesn’t matter if your donors give via a text-to-give tool, or your standard donation form: all of the data will be synced in one place!
Of course, your organization will need to examine the various fees and costs that come along with a payment processor (as you would before purchasing any kind of software).
Make sure that you inquire about any incidental fees and recurring costs and pay special attention to the fees associated with credit card donations. Every credit card will have a different fee structure, so it’s important to understand the different costs before you get your first monthly statement.
Security should be of the utmost importance to your nonprofit. Not only will a secure payment processor protect your donors’ data, it will also help keep your organization safe from fraudsters and hackers.
Do not choose a payment processor that is not in line with the payment card industry’s data security standards.
Your nonprofit is at a much greater security risk, and you can even lost the ability to accept online donations!
Can our organization just use PayPal?
Technically, yes. Many small, up-and-coming nonprofits turn to PayPal as an easy way to accept donations while they figure out the nuts and bolts of their mission and first few projects or events.
However, PayPal is really only a bandaid fix for a nonprofit’s payment processing needs. Established organizations need a dedicated payment processor and their own merchant account in order to safely process the many donations they accept.
Because PayPal is an aggregator, all of its clients’ transactions are processed through their own merchant account. This means that if something goes wrong with that merchant account, your nonprofit’s funds (as well as other clients’ funds) are put at risk.
Additionally, a PayPal donation page cannot be customized to fit your nonprofit’s unique brand; lack of branding on a donation page reduces the average size and number of donations that your nonprofit brings in.
In conclusion, yes, your organization can use PayPal. But dedicated payment processors are a much better option in the long run.
How often does credit card fraud happen to nonprofits?
Each year, nonprofits experience an average loss of $85,000 due to credit card and ACH fraud.
Card-not-present (i.e., online) fraud peaks in the last two months of the year, with the 10 busiest days for online credit card fraud occurring in November alone.
These numbers may be intimidating and unnerving, but if your nonprofit chooses a payment processor with the proper fraud protection and prevention tools, you can minimize the risk of processing online donations.
Your nonprofit can choose to accept solely debit or credit card payments, but it’s highly advisable that you offer both to your donors.
Why? Well, as we’ve already highlighted, each payment form offers its own distinct advantages. Not all of your donors will have credit cards, but some of them will still want to give online. Other donors will want the familiarity that comes with using a credit card to make a donation or purchase.
You can give both of these demographics the option to give however they would like if you offer both credit card and ACH direct debit options!
How important is integration?
If your payment processor doesn’t integrate with your nonprofit CRM, donation page software, text-to-give tool, or other fundraising software, you will have to manually input any information from that payment processor into your other pieces of software.
Luckily, there are some payment processing options that will integrate with nearly all of your other pieces of software. This makes it easy to consolidate the donor info from your mobile bidding software, text-to-give tool, standard donation form, and more!
Flat fees are costs that occur either once or on a monthly or yearly basis. Some payment processors will charge different flat fees for different services, products, or support.
Transaction fees occur each time a donor makes a contribution using a credit card or ACH direct debit. These fees will vary depending on the card being used, but are usually a flat fee plus a small percentage of the donation. Some payment processors will offer discounted rates for nonprofits.
An incidental fee will occur whenever a specific event takes place. They are most often associated with disputed transactions and chargeback fees. There will be months where you may have to pay more incidental fees, but there will be times when you don’t have to pay any at all!
While PayPal is a widely used by for-profit businesses and nonprofits, it’s not the best option for nonprofits. Learn the many challenges you’re organization might face when using PayPal and the solutions alternative provides offer.
If your organization is looking free and low-cost nonprofit software (including payment processing tools), we’ve created a list of our top recommended providers. Keep reading to learn about excellent tools with a low price tag.
A rising trend in online donations is passwordless login options. Learn about three different types of passwordless authentication and how your organization can implement these methods in to your online fundraising tools.