What is a manually entered card payment?
A manually entered card payment is a transaction in which a customer’s card details have been typed into and processed in the Stripe Dashboard. This includes the following:
Why are transaction fees higher for manually entered card payments?
Transaction fees on cards entered manually in the Stripe Dashboard are 3.4% + 30¢ for businesses on standard pricing based in the US and 3.4% + C$0.30 for businesses based in Canada compared to 2.9% + 30¢ and 2.9% + C$0.30, respectively, for standard card payments.
The higher fees reflect the cost of higher fraud rates associated with collecting customer card details by phone or other unencrypted sources. Directly typing in sensitive customer data bypasses much of the security that’s built into Stripe’s online payments. As a result, we see higher fraud rates on manually entered payments, leading to higher costs for Stripe.
What are alternatives to manually entering card information in the Dashboard?
Below are alternatives to consider for more secure and easy-to-use payment options that allow your customer to directly enter their card information:
Payment option |
Pricing for US businesses |
Pricing for Canadian businesses |
2.9% + 30¢ per transaction |
2.9% + C$0.30 per transaction |
|
Starting at 3.3% + 30¢ per paid invoice |
Starting at 3.3% + C$0.30 per paid invoice |
|
Price varies |
Price varies |
|
Terminal |
2.7% + 5¢ per transaction |
2.7% + C$0.05 per transaction |
Strong Customer Authentication and manually entered card payments in Europe
In the context of Strong Customer Authentication (SCA), card details collected over the phone or by mail do not require authentication. This type of payment is often referred to as “Mail Order and Telephone Orders” (MOTO). If your account is in the European Economic Area (EEA), payments made by manually entering card details in the Dashboard will be automatically marked as MOTO by Stripe.
PCI burden and manually entered card payments
When card information is manually entered into the Dashboard, we can’t verify that it’s being kept secure outside of Stripe. You’re then responsible for ensuring the protection of card data in accordance with the PCI compliance requirements. You’ll be required to upload your SAQ C-VT form annually to prove your business is PCI compliant. You will not need to upload an SAQ form if you use the above "What are alternatives..." section instead of manually entered card payments. Refer to the Integration security documentation to better understand PCI requirements.
If you need to process phone and mail payments via the Dashboard or API, contact us to enable this feature on your Stripe account.