In October 2017, Visa issued new rules regarding the use of stored credentials. This mandate requires specific handling and transmission of stored credentials (in this case, tokens representing payment data). Currently, the CardPointe Gateway is not compliant with this mandate; however CardConnect is working to achieve compliance by enhancing the CardPointe Gateway and related applications and services.

See the following documentation from Visa for detailed information:


CardConnect acknowledges that some of its merchants may be operating out of compliance, and we are currently working to meet this and other compliance initiatives. To address any non-compliance issues, Visa should contact CardConnect or FirstData before contacting merchants directly; however, if Visa provides a non-compliance notice directly to a merchant, the merchant should contact CardConnect.

CardConnect and First Data will work directly with Visa and the merchant, to provide information on our effort to become compliant, which may include documentation, technical designs, proposed feature changes, and the timeline for implementation. CardConnect will communicate these plans with its merchants as they become available.

Merchants and their business operations should not be directly impacted while CardConnect works to become compliant with this mandate.