In contrast, they've never contacted me about PCI compliance which I think is amazing. I've always believed that PCI compliance is required for everyone who takes credit cards. I would count as a tier 3 vendor since I don't store any credit cards and my only obligation to be PCI compliant is to:
- ensure my merchant account is PCI compliant
- have my site checked by an authorized reviewer annually that it is clean and strong so that when we pass the credit card numbers, there's not problem. But I think they, as my merchant account vendor, are obliged to make sure that I am aware of these issues and in compliance.
A chargeback, also known as a reversal, is when a buyer asks their credit card issuer to reverse a transaction after it has been completed. It is available only to users who make a payment funded by their credit or debit card.
There are three main reasons a buyer will do this:
- The purchased item never arrived.
- The item was significantly different than advertised.
- Their credit card was used without their permission to purchase the item fraudulently.
Chargebacks are initiated and handled by the buyer's credit card issuer - not by PayPal - and therefore will follow that company's regulations and timeframes. That said, PayPal often plays a role in resolving chargeback disputes.