Payment Authorization and Authentication for eCheck Transactions
eCheck transactions must include both payment authorization and customer authentication in order to be successful.
For eCheck transactions, an authorization is a paper or electronic document or record "signed"
by the customer that authorizes a merchant to submit a charge transaction against their
bank account. Merchants are required to obtain authorization from their customer before
charging the customer's bank account. Payment authorization must include:
- Clear and conspicuous statement of the terms of the transaction, including amount.
- Written language displayed to the customer that is readily identifiable as an authorization by the customer for the transaction (for example, "I authorize [Merchant] to charge my bank account") and that can be reproduced.
- Evidence of the customer's identity.
- The date the authorization was granted and the effective date of the transaction (the transaction may not be processed before the effective date).
- The bank account number to be charged. Only US-based personal checking, savings, and business checking accounts may be used for processing eCheck transactions. Some banks may disallow certain types of these accounts from being used. Contact your bank to verify the types of checking accounts from which you may process eCheck transactions.
- The nine-digit ABA routing number of the customer's bank. The customer can locate their bank's ABA routing number, as well as their bank account number, at the bottom of one of their paper checks.
For recurring transactions, the following must also be provided:
- The frequency of the charge.
- The period for which the customer's payment authorization is granted.
- Written language indicating that the customer may revoke the authorization by notifying the merchant as specified in the authorization.
IMPORTANT
It is not acceptable to identify a customer when they log in to a website
and then later consider that login an authentication when authorizing an ACH
transaction.