How to Migrate to a New Payment Processor Without Disrupting Business
Merchants often find themselves in the position of wanting, or needing to migrate to a new payment processor. This is normally either to take advantage of lower fees or superior services - but is rarely without challenges. No business wants to invite disruptions, even when migrating to a new payment processor; but avoiding problems takes significant planning.
Why migrate to a new payment processor?
Most payment service providers (PSP) offer a somewhat unique fee structure, service set, and customer experience.
Many merchants start as clients of full-service PSPs, or aggregators, who eliminate the need for the merchant to jump through many of the hoops that can be necessary to start transacting credit card payments - like acquiring a merchant account, or becoming PCI-DSS compliant. Those full-service PSPs, while providing a valuable service that helps merchants get live quickly, unsurprisingly charge higher fees than those with more barebones offerings. It is, therefore, extremely common for high-service PSP customers, as their transaction volume grows, to decide to migrate to a new payment processor.
Even merchants working directly with gateways find that, from time to time, opportunities arise to reduce their transaction costs or access new capabilities, particularly when they are operating at a high volume. Often, successful merchants will not just migrate to a new payment processor, they will in fact add additional PSPs to their environments and commit to a multi-processor strategy.
What disruptions delay migrations to new payment processors
One of the key sources of delay in payment processor migrations is the transfer of stored customer credit card information. Generally speaking, the existing payment processor will hold the merchant’s customers’ PII in their own environment and provide a token to the merchant. These tokens can be used to complete future transactions: this is how merchants are able to offer customers the option to save their credit card information securely. However, in order to migrate to a new payment processor and retain the ability to access those stored credit card details, the old processor must pass them to the new one, and the new one must pass new tokens back to the merchant.
Unsurprisingly, arranging for details to be shared from one PSP to another, particularly when the entity currently holding the information is losing a customer, can be long winded, complex, and expensive. Once that is finally completed, the process of having the new processor issue new tokens, then accurately switching those with the ones from the old processor, can disrupt the final steps of the process.
The best way to avoid disruptions while migrating to a new payment processor
Perhaps unsurprisingly, the simplest way to avoid those data migration disruptions is not to allow them to happen in the first place. If the original payment processor does not hold the merchant’s customers’ credit card information, then it cannot disrupt the migration process with excessive delays or fees to transfer that data.
This is why many merchants today opt to use a third party tokenization service provider (TSP) like Basis Theory to act as an intermediary. Cardholder information is stored in the TSP’s secure vault, and the TSP issues the token to the merchant; the merchant can then instruct the TSP to share the card information with whichever PSP they choose - without ever bringing that PII in-house and putting themselves in position to have to become PCI-compliant.
As an added bonus, by opting to use a TSP as an intermediary between their own systems and their original PSP, merchants have more options than to simply migrate to a new payment processor when better alternatives are available. Because the cardholder data is securely stored in the TSP vault, the merchant can sign on with multiple PSPs, and use intelligent routing to decide which processor will be asked to complete each transaction. In this way merchants can increase their likelihood of successfully executing each sale, reduce their fees, and build leverage in future negotiations with service providers.
Reducing migration disruption also protects against regulatory scope
Merchants that initiate their business using full-service PSPs often do so because they are moving at lightning speed to get to market, and have neither time nor resources to build fully PCI-compliant environments. Those full-service PSPs take on all the compliance risk, but also charge fees that reflect the additional responsibility, and use their guardianship of customer data as a lock-in device to keep merchants from migrating to new payment processors.
Ironically, using a TSP delivers the same security for customer data, without the lock-in to a single payment processor; it also allows for the use of any kind of PSP from the most barebones gateway to high risk merchant accounts to full-service processors. Because the PII is submitted to, and securely stored by, the TSP, and is passed to payment processors without ever being shared in plain text with the merchant, the PCI-compliance responsibility is retained by the TSP.
Avoid migration disruption by retaining ownership of card and customer data
Merchants who have their customers’ credit card data stored securely at a TSP are able to migrate to a new payment processor without disruptions - including time, resources, and money. They also have the option not only to migrate away from an existing PSP, but in fact to retain it and add others, and to use smart routing to send each transaction to the best processor for the job.
Basis Theory is a TSP that has assisted several customers—like Passes—in seamlessly migrating to a new payment processor without disruption to their business. Contact us if you are interested in learning how.