SIXTH AMENDMENT TO SERVICE AGREEMENT
Exhibit 10.2
SIXTH AMENDMENT TO SERVICE AGREEMENT
This sixth Amendment to Service
Agreement (this “Amendment”) is made and entered into as
of this 29 day of January, 2007 between First Data Merchant Services Corporation (“FDMS”) and
iPayment, Inc., formerly known as iPayment Holdings, Inc. (“Customer”).
RECITALS
A. Customer and FDMS have previously entered into a Service Agreement dated as of July 1,
2002, as amended by amendments dated October 25, 2002, November 27, 2002, January 8, 2004, May 25,
2004 and July 11, 2005 (the “Service Agreement”).
B. Customer, as successor in interest to 1st Merchant Bank Card, and Concord
Payment Services, Inc. successor in interest to BUYPASS Corporation and an Affiliate of FDMS, are
parties to that certain Participation Agreement dated as of April 13, 1998 (the “1st
Merchant Participation Agreement”). The parties now desire to terminate the 1st
Merchant Participation Agreement and to incorporate the services provided thereunder into the
Service Agreement.
C. Customer, as successor in interest to xxxxxxxxxx.xxx, and Concord Payment Services, Inc.
successor in interest to BUYPASS Corporation and an Affiliate of FDMS, are parties to that certain
Participation Agreement dated as of March 22, 1999 (the “xxxxxxxxxx.xxx Participation Agreement”).
The parties now desire to terminate the xxxxxxxxxx.xxx Participation Agreement and to incorporate
the services provided thereunder into the Service Agreement.
D. Customer and FDMS, along with FDMS’s sponsoring bank partner (“Bank”), agree to negotiate
expeditiously and in good faith a Sponsorship Agreement pursuant to which Bank will provide
Customer with sponsorship and Clearing Bank services related to the solicitation of merchants and
processing and settlement of Transaction Card Transactions for certain of Customer’s Accounts
processed under the terms and conditions of this Agreement (the “Sponsorship Agreement”). The
parties acknowledge and agree that the execution of the Sponsorship Agreement is an element of the
bargain between the parties, and that FDMS would not be entering into this Amendment and offering
the prices contained herein without knowing that it would also be entering into the Sponsorship
Agreement.
E. Customer and FDMS now desire to amend the Service Agreement as set forth herein.
AGREEMENT
In consideration of the foregoing, Customer and FDMS hereby agree as follows:
1. Except as otherwise specifically set forth herein or in Exhibit B attached hereto, the
terms of this Amendment will be effective as of July 1, 2006.
2. Section 2.2 of the Service Agreement is hereby deleted in its entirety and replaced with
the following:
2.2 Communication Links.
Page 1
(a) FDMS periodically shall install or provide the means for communicating data from
its facilities or equipment to Customer’s or Customer’s designated third parties’ facilities
or equipment, subject to FDMS’s acceptance and qualification of each such third party and
such third party’s execution of and compliance with a third party service provider agreement
in a form acceptable to FDMS. Any interface between any such third party and the FDMS System
will be developed and established at its or Customer’s sole cost and expense. The method of
transmission and the media employed will be determined by FDMS taking into consideration
relevant factors such as traffic type, inbound and outbound message sizes, traffic loading
distribution, and the equipment or devices that are or may be used.
(b) If Customer desires to interface with the FDMS System to directly transmit to or
receive cardholder data from FDMS for any purpose other than reviewing reports or processing
chargebacks, Customer acknowledges that it first must comply with FDMS’s then-current
requirements for third party processors, including execution of FDMS’s third party processor
agreement.
3. Section 2.3 of the Service Agreement is hereby deleted in its entirety and replaced with
the following:
2.3 Compliance With Law.
(a) Customer is subject to a variety of federal, state and local laws, regulations and
judicial and administrative decisions and interpretations applicable to its Transaction Card
business, including, but not limited to, OFAC regulations, as amended or promulgated from
time to time (“Legal Requirements”). FDMS shall cooperate with Customer in resolving issues
relating to Customer’s compliance with the Legal Requirements in accordance with the terms of this Agreement,
including this Section 2.3.
(i) Customer is solely responsible for (i) monitoring and interpreting the
Legal
Requirements, (ii) determining the particular actions, disclosures, formulas, calculations
and procedures required for compliance with the Legal Requirements (whether to be performed
by FDMS or by Customer) and (iii) maintaining an ongoing program for compliance with the
Legal Requirements. In addition, Customer is solely responsible for reviewing and selecting
the parameter settings and programming features and options within the FDMS System that will
apply to Customer’s Transaction Card programs, and for determining that its selection of
such settings, features and options is consistent with the Legal Requirements and with the
terms and conditions of Customer’s Accounts. In making such determinations, Customer may
rely on the written description of such settings, features and options in the User Manuals,
customer bulletins and other system documentation provided by FDMS to Customer.
(ii) As promptly as possible after it first obtains knowledge thereof, Customer
shall
disclose to FDMS any violation of a Legal Requirement with respect to or related to a
Transaction processed pursuant to this Agreement where such violation could reasonably
result in FDMS’s violation of a FDMS Legal Requirement and shall take such remedial or other
actions as may be required or prudent under the circumstances.
Page 2
(b) FDMS is solely responsible for compliance with all laws, regulations and judicial
and administrative decisions applicable to FDMS as a third party provider of data processing
services, including, but not limited to, OFAC regulations, as amended or promulgated from
time to time (“FDMS Legal Requirements”). FDMS will not be responsible for any violation by
Customer of a Legal Requirement to the extent such violation occurs as a result of
performance by FDMS of the Services in accordance with the FDMS Legal Requirements,
instructions of Customer or written procedures provided by or approved by Customer. Customer
shall cooperate with FDMS in resolving issues relating to FDMS’ compliance with the FDMS
Legal Requirements in accordance with the terms of this Agreement, including this Section
2.3.
(i) As promptly as possible after it first obtains knowledge thereof, FDMS shall
disclose to Customer any violation of a FDMS Legal Requirement with respect to or related to a Transaction
processed pursuant to this Agreement where such violation could reasonably result in
Customer’s violation of a Legal Requirement and shall take such remedial or other actions as
may be required or prudent under the circumstances.
(ii) Customer acknowledges and agrees that FDMS shall have no obligation to provide
processing services to Customer or any of its Merchants or to process any Transactions in
violation of any FDMS Legal Requirement. If FDMS withholds processing services pursuant to
this Section 2.3(b)(iii), FDMS will give prompt notice of such to Customer.
(c) Subject to the terms of Article 10, FDMS and Customer shall cooperate with each
other in providing information or records in connection with examinations, requests or
proceedings of each other’s regulatory authorities.
4. Section 3.2 of the Service Agreement is hereby deleted in its entirety and of no further
force and effect.
5. Section 4.1 of the Service Agreement is hereby deleted in its entirety and replaced with
the following:
4.1 Processing Fees. Customer shall pay FDMS the Processing Fees set forth in
Exhibit B to this Agreement. [***] Customer will not be
liable for any Processing Fees or other fees unless such fees are set forth in this
Agreement (including Exhibit B), an amendment to this Agreement, a separate agreement or
other tangible documentation (including email) whereby the parties agree to the pricing for
any new services or products.
6. Section 4.4 of the Service Agreement is hereby deleted in its entirety and of no further
force and effect.
7. Section 6.1 of the Service Agreement is hereby deleted in its entirety and replaced with
the following:
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Page 3
6.1 Limitation on Liability.
(a) Each of Customer’s and FDMS’s cumulative liability for any loss or damage, direct
or indirect, for any cause whatsoever (including, but not limited to, those arising out of
or related to this Agreement) with respect to claims (whether third party claims, indemnity
claims or otherwise) relating to events in any one Processing Year shall not under any
circumstances exceed the amount of the Processing Fees paid to FDMS by Customer pursuant to
this Agreement for Services performed during the immediately preceding [***] [***] full
months; provided, however, that FDMS’s cumulative liability under Section 11.1(b)(ii) and Customer’s cumulative liability
under Section 11.2(b)(iii) relating to events in any one Processing Year shall not exceed
[***] [***] times the amount of Processing Fees paid to FDMS by Customer pursuant to this
Agreement for Services performed during the immediately preceding [***] [***] full months.
(b) The monetary limits provided for in Section 6.1(a) shall not be construed to limit
the payment obligations of Customer or FDMS, as applicable, with respect to (i) acts of
gross negligence or willful misconduct by either Customer or FDMS, (ii) breaches by either
Customer or FDMS of their obligations under Article 10 or (iii) Processing Fees, Special
Fees, or any other fee, tax, interest or other amount due and owing by Customer under this
Agreement.
8. Section 8.1 of the Service Agreement is hereby deleted in its entirety and replaced with
the following:
8.1 Term. This Agreement is effective from the date hereof and shall extend
for eight (8) Processing Years through June 30, 2010 (the “Original Term”). Processing Year
1 of the Term shall commence on July 1, 2002 and continue through June 30, 2003. For
purposes of this Agreement, a “Processing Year” means each twelve (12) month period
commencing on the first day of July and ending on the last day of following June.
9. Section 9.1 of the Service Agreement is hereby amended by the addition of the following new
subsection (h):
(h) if Customer breaches any material representations, warranties, obligations, or
covenants in this Agreement and fails to cure such breach within sixty (60) calendar days
after written notice of the breach is provided to Customer by FDMS; provided however, that
if Customer is attempting in good faith to cure such breach within said sixty (60) day cure
period but the nature of the breach prevents a cure within sixty (60) days, then Customer
shall be allotted an additional number of days to cure, provided the total number of days of
the cure period shall be no greater than one hundred twenty (120) days.
10. Section 9.2 of the Service Agreement is hereby amended by the addition of the following
new subsection (a)(vi):
(vi) if FDMS breaches any material representations, warranties, obligations, or
covenants in this Agreement and fails to cure such breach within sixty (60) calendar days
after written notice of the breach is provided to FDMS by Customer; provided
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Page 4
however, that
if FDMS is attempting in good faith to cure such breach within said sixty (60) day cure
period but the nature of the breach prevents a cure within sixty (60) days, then FDMS shall
be allotted an additional number of days to cure, provided the total number of days of the
cure period shall be no greater than one hundred twenty (120) days; provided further,
however, that if a breach relates to issues that would require system changes to cure, the
initial sixty day period shall be automatically extended by one calendar day for each
calendar day during such sixty (60) day period (or the applicable extended period) during
which there is a “freeze” on changes to the FDMS System, if any.
11. Section 9.2(b) of the Service Agreement is hereby deleted in its entirety and of no
further force and effect.
12. Section 9.4 of the Service Agreement is hereby deleted in its entirety and of no further
force and effect.
13. Sections 11.1 and 11.2 of the Service Agreement are hereby deleted in their entirety and
replaced with the following:
11.1 FDMS’s Representation.
(a) FDMS represents and warrants that the execution and delivery of this Agreement and
the consummation of the transaction herein contemplated does not conflict in any material
respect with or constitute a material breach or material default under the terms and
conditions of any documents, agreements or other writings to which it is a party.
(b) Data Security Requirements Compliance.
(i) FDMS represents and warrants that it is, and during the Term of this Agreement
will
remain, in compliance with all applicable material Data Security Requirements at its
expense.
(ii) In addition to the obligations set forth in Exhibit E of this Agreement,
FDMS
shall indemnify and hold Customer harmless from and against any and all liabilities, claims,
suits, damages, losses, costs and expenses, including any fines, penalties, reasonable
attorney fees and costs of settlement, whether third party claims, indemnity claims or
otherwise (“collectively, “Claims”) to the extent that the Claim is caused by, relates to or
arises out of (1) any security breach in or intrusion into FDMS’s computer system, or (2)
the actual loss or theft of any of Customer’s information or records containing Cardholder
or Transaction Card data or any bank account information of a payee or payor that is
generated or stored by, or on behalf of, FDMS. FDMS shall not have any liability for any
Claim to the extent such Claim is caused by, relates to or arises out of any security breach
in the computer system of Customer, Customer’s Merchants, or Customer’s or its Merchants’
agents or third party service providers, or the actual loss or theft of any information or
records containing Cardholder or Transaction Card data or any bank account information of a
payee or payor that is generated or stored by, or on behalf of, Customer, Customer’s Merchants, or Customer’s or its Merchants’ agents or third party
service providers.
Page 5
(iii) As promptly as possible after it first obtains knowledge thereof, FDMS shall
notify Customer of any security breach or data compromise of its computer system that
directly impacts cardholder data with respect to Customer’s Accounts. As promptly as
possible after it first obtains knowledge thereof, FDMS shall notify Customer of any
suspected or actual loss or theft of any information or records relating to Customer’s
Accounts containing Cardholder or Transaction Card data or any bank account information of a
payee or payor that is generated or stored by, or on behalf of, FDMS.
11.2 Customer’s Representations.
(a) Customer represents and warrants that the execution and delivery of this Agreement
and the consummation of the transaction herein contemplated does not conflict in any
material respect with or constitute a material breach or material default under the terms
and conditions of any documents, agreements or other writings to which it is a party.
(b) Data Security Requirements Compliance.
(i) Customer represents and warrants that it is, and during the Term of this
Agreement
will remain, in compliance with all applicable material Data Security Requirements at its
expense.
(ii) Without liability, FDMS has the right to withhold Services, in whole or in
part,
and immediately suspend connectivity to the FDMS System with respect to Customer, any of
Customer’s Merchants, or any of Customer’s or its Merchants’ agents or third party service
providers if Customer, such Merchant, or such agent or third party service provider, as
applicable, is not in compliance with all applicable Data Security Requirements until
Customer, such Merchant, or such agent and third party service provider, as applicable, is
in compliance with all applicable Data Security Requirements. If FDMS withholds Services or
suspends connectivity pursuant to this Section 11.2(b)(ii), FDMS will give prompt notice of
such to Customer.
(iii) In addition to the obligations set forth in Exhibit E of this Agreement,
Customer
shall indemnify and hold FDMS harmless from and against any and all Claims to the extent that
the Claim is caused by, relates to or arises out of (1) any security breach in or intrusion
into Customer’s computer system, or (2) the actual loss or theft of any of its information
or records containing Cardholder or Transaction Card data or any bank account information of
a payee or payor that is generated or stored by, or on behalf of, Customer.
(iv) As promptly as possible after it first obtains knowledge thereof, Customer
shall
notify FDMS of any security breach or data compromise of Customer’s computer system or the
computer system of any of its Merchants or any of Customer’s or its Merchants’ agents or
third party service providers. As promptly as possible after it first obtains knowledge
thereof, Customer shall notify FDMS of any suspected or actual loss or theft of any
information or records containing Cardholder or Transaction Card data or any bank account
information of a payee or payor that is generated or stored by, or on behalf of, Customer,
any of its Merchants, or any of Customer’s or its Merchants’ agents or
Page 6
third party service providers.
14. The addresses set forth in Section 12.3 of the Service Agreement are hereby deleted in
their entirety and replaced with the following:
First Data Merchant
|
First Data Merchant | |
Services Corporation
|
Services Corporation | |
0000 Xxxx Xxxxxx, XX-00
|
0000 X. Xxxxxx Xxxxxx, Xxxxx 000X | |
Xxxxx, XX 00000
|
Xxxxxxxxx Xxxxxxx, Xxxxxxxx 00000 | |
Attn: Vice President — FSP
|
Attn: General Counsel | |
Telecopy Number:
|
Telecopy Number: 000-000-0000 | |
If to Customer:
|
With a copy to: | |
iPayment, Inc.
|
iPayment, Inc. | |
00 Xxxxxx Xxxxx Xxxx, Xxxxx 000
|
26707 West Xxxxxx Xxxxx Xxxx, Xxxxx 000 | |
Xxxxxxxxx, XX 00000
|
Xxxxxxxxx, XX 00000 | |
Attn: Xxxxxx Xxxxxxx
|
Attn: Xxx Xxxxxxx | |
Telecopy Number:
|
Telecopy Number: |
15. The Service Agreement is hereby amended by the addition of a new Section 12.17 to read as
follows:
12.17 Rights to Customer’s Accounts. For the avoidance of doubt, the parties
acknowledge and agree that FDMS has no legal or equitable interest in Customer’s Accounts
under the terms of this Agreement, and that Customer shall have the sole and absolute right
to convert and transfer any Merchants to other processors.
16. Exhibit A to the Service Agreement is hereby amended by the addition of a new
subsection IV, as set forth in Attachment A hereto.
17. Section II of Exhibit B to the Service Agreement is hereby deleted in its entirety
and replaced with the new Section II of Exhibit B attached hereto.
18. Exhibit C to the Service Agreement is hereby amended by the addition of the
following new definitions:
“Card or Electronic Payment Association” means (i) Visa, MasterCard and any other
association or card issuer having proprietary rights to and clearing and oversight
responsibilities with respect to any credit or debit card used to effect Transactions and
includes any debit card network utilized to authorize and settle any debit card used to
effect Transactions and (ii) NACHA and any other association or entity having oversight
responsibilities with respect to electronic payments.
“CISP” means Visa’s Cardholder Information Security Program, as may be amended from
time to time.
“Data Security Requirements” means the Payment Card Industry Data Security
Page 7
Standard
developed by MasterCard and Visa, CISP, SDP and other similar requirements that apply to
entities that transmit, process or store Cardholder, Transaction Card or bank account
information, as may be promulgated or amended by a Card or Electronic Payment Association or
any local, state or federal legislative, judicial or administrative authority from time to
time.
“OFAC” means the United States Department of the Treasury Office of Foreign Assets
Control.
“SDP” means the MasterCard Site Data Protection Program, as may be amended from time to
time.
19. Customer and FDMS will use reasonable efforts to convert any acquired merchant portfolios
after July 1, 2006 from a third party processor to the FDMS System; provided, however, that
Customer will not be required to attempt to convert any such merchants if the merchant utilizes a
front-end product solution not supported by FDMS or if the acquired channel refuses to board
accounts on the FDMS System, or if the conversion of such merchants would not make economic or
strategic business sense to the Customer.
20. The following amendments to the Service Agreement are herby null and void and of no
further force and effect: (i) the Third Amendment to Service Agreement dated as of January 8, 2004;
and (ii) the Fifth Amendment to Service Agreement dated as of July 11, 2005.
21. The following agreements are herby terminated without penalty to any party and
are of no further force and effect: (i) the 1st Merchant Participation Agreement;
and (ii) the xxxxxxxxxx.xxx Participation Agreement.
22. Capitalized terms used but not otherwise defined in this Amendment will have the meanings
set forth in the Service Agreement.
23. In the event of a conflict between this Amendment and the Service Agreement as it relates
to the subject matter of this Amendment, the terms of this Amendment will control. Otherwise, all
terms and conditions of the Service Agreement will remain in full force and effect and likewise
apply to this Amendment.
Page 8
The parties have executed this Amendment as of the date first above written.
FIRST DATA MERCHANT SERVICES CORPORATION
By: \s\ Xxxx Xxxxxx
Name: Xxxx Xxxxxx
Title: Vice President
iPAYMENT, INC.
By: \s\ Xxxx Daily
Name: Xxxx Daily
Title: Chief Executive Officer
Page 9
ATTACHMENT A
CONCORD SERVICES
IV. Concord Services
1. Definitions. Capitalized terms used but not otherwise defined in this Section
will have the meanings set forth in Exhibit C. The following definitions apply to the terms set
forth below:
(a) “Buypass Transaction” means each instance during which Concord has electronic contact with
a point of sale device of a Merchant of Customer for the purpose of processing a transaction,
credit or refund.
(b) “Concord” shall mean Concord EFS, Inc. and any entity which, directly or indirectly, owns
or controls, or is owned or controlled by, or is under common ownership or common control with,
Concord EFS, Inc.
(c) “Concord’s Proprietary Information” shall have the meaning set forth in Section 7 hereof.
(d) “Concord Services” include Buypass services, ClientLine Services, PINless Debit
Transaction services and EFSnet Web Payment Services, as each is defined in this Section IV.
(e) “Concord System” means the computer equipment, computer software, and related equipment
and documentation used at any time and from time to time to provide the Concord Services and
includes the “Buypass” (or “Atlanta”) platform.
(f) “Concord System Specifications” shall mean the specifications, manuals, technical and
operating data and operating standards adopted, amended or supplemented and published from time to
time by Concord with respect to the Concord System.
(g) “Network” means any debit card network utilized to authorize and settle any debit card
used to effect Transactions and includes STAR, NYCE and Pulse debit card networks and such
additional debit card networks that FDMS or Concord may add in their sole discretion.
2. Buypass services. FDMS, either directly or through its Affiliates, including
Concord, or other third party service providers, shall make available to Customer and certain of
its Merchants as agreed upon by the parties data processing services on the “Buypass” platform. In
exchange for such services, Customer will pay the fees set forth in Exhibit B in the manner
set forth in this Section IV. Buypass Transaction detail is only available through ClientLine®
Services.
3. ClientLine Services. Concord has developed a product that allows Customer to access
certain databases of Buypass Transaction information maintained by Concord and communicate certain
instructions to Concord using an Internet connection to access a Concord internal web page
(“ClientLine® Services”). FDMS, either directly or through its Affiliates, including
Concord, or other third party service providers, shall make available to Customer, and Customer
shall access, ClientLine® Services in the manner described and in accordance with the
terms and conditions set forth below. The specific features and functions available through
ClientLine® Services are detailed in
ClientLine® Services documentation that
will be provided to Customer by FDMS or Concord, as may be promulgated, amended or supplemented by
FDMS or Concord from time to time (the “Documentation”). As referenced herein, such features and
functions include,
Attachment A, Page 1
among other things, (i) access to information regarding Buypass Transactions,
(ii) access to other proprietary information of Concord (“Concord Proprietary Information”), (iii)
the ability to communicate certain instructions to FDMS or Concord as specifically provided in the
Documentation (“Communications Interface”), (iv) access to and creation of Buypass Transaction
related reports (“Reporting Features”), and (v) generation of Buypass Transaction related
statements. Customer acknowledges and agrees that only the Reporting Features of the
ClientLine® Services are currently available to Customer and any additional features and
functionality of the ClientLine® Services that are made available by FDMS to Customer
will be subject to additional terms, conditions and fees mutually agreed to by the parties in
writing.
(a) Equipment. Customer shall be solely responsible, at its expense, for the acquisition,
repair and maintenance of all equipment and software necessary for it to utilize ClientLine®
Services (the “Equipment”), including without limitation a personal computer, modem, and
telecommunications and web browser software. All such Equipment must comply with all specifications
and requirements set forth in the Documentation from time to time. Customer acknowledges that for
ClientLine® Services to function properly, and to enable Customer to fully use
ClientLine® Services, Customer must maintain the Equipment and keep it in good working
order and repair, including by timely installing software upgrades or modifications.
(b) License. All right, title and interest in and to
ClientLine® Services and the
Communications Interface and Concord Proprietary Information available through the ClientLine®
Services, including without limitation all copyrights or renewals thereof, are and shall
remain exclusively owned by Concord. Until ClientLine® Services are terminated as set
forth in this Section IV, FDMS grants to Customer (i) a nonexclusive right to access and use ClientLine®
Services and the Concord Proprietary Information available through the ClientLine®
Services, and (ii) a limited, nonexclusive, revocable, sublicense to access and use the
Communications Interface, for the purposes contemplated by and subject to the terms, conditions and
limitations contained in this Paragraph and the Documentation.
(c) License Limitations. ClientLine®
Services and the Communications Interface and
Concord Proprietary Information available through the ClientLine Services are provided for the sole
use of Customer and its officers, employees or agents authorized to use ClientLine®
Services in accordance with this Paragraph. If, in utilizing ClientLine® Services,
Customer receives any confidential information of any third party, including any
Transaction-related information of any third party other than Customer or its Merchants, or any
non-public personal financial information of any consumer, or any of Concord Proprietary
Information to which it is not entitled, Customer shall notify FDMS immediately and shall not use,
copy or disclose such information to any third party.
(d) Fees. In exchange for the
ClientLine® Services, Customer shall pay the
ClientLine® Services the fees set forth in Exhibit B in the manner set forth in this
Section IV.
(e) Support Services. FDMS or Concord shall provide support services to assist Customer
with procedural questions relating to ClientLine® Services through the use of a
toll-free telephone number.
(f) Changes and Improvements. FDMS and Concord reserve the right to supplement, modify or
delete: (i) the content or format of ClientLine® Services; (ii) any data or other
information available through ClientLine® Services; and (iii) any feature, procedure,
technique or documentation with respect to ClientLine® Services or use of
ClientLine® Services by Customer. A list of the information available through
ClientLine® Services, as well as significant changes in
ClientLine® Services affecting
customers generally, shall be published from time to time by Concord and made available to
Customer.
(g) Protection and Security of
ClientLine® Services. Customer must complete the
Security Access Request Form set forth in Schedule 1, as such form may be amended or supplemented
by FDMS
Attachment A, Page 2
from time to time, and submit such form to FDMS. Upon FDMS’s approval of such form, FDMS
will issue Customer an identification code and password so it may access the ClientLine®
Services (“Access Codes”). Access Codes are the property of Concord and Customer shall not
disclose the Access Codes to anyone except upon direction from an authorized employee of Concord.
Customer acknowledges and agrees that
Customer solely is responsible for ensuring that (i) Access Codes are distributed only to
Customer’s designated officers, employees and agents who are authorized by Customer to utilize
ClientLine® Services, (ii) Customer’s officers, employees and agents protect the
confidentiality of the Access Codes and of information obtained through use of the Access Codes,
(iii) Customer’s officers, employees and agents use the Access Codes and ClientLine®
Services only for their intended purposes, and (iv) Concord is immediately notified of the
termination of any of Customer’s officer’s, employee’s or agent’s authority to utilize an Access
Code. Customer shall instruct each of its officers, employees and agents to utilize the degree of
care in protecting the secrecy of the Access Codes and the Concord Proprietary Information that
Customer uses to protect its most sensitive commercial information, but in no event less than a
commercially reasonable degree of care, and Customer shall take such additional steps as may be
necessary to monitor and enforce the confidential treatment of Access Codes and the Concord
Proprietary Information. Until the ClientLine® Services are terminated as set forth in
this Section IV, Customer shall maintain security systems sufficient to protect Concord’s
Proprietary Information, the Communications Interface, Customer’s databases and all other
confidential information contained in or accessed by Customer via ClientLine® Services
and shall ensure that all Cardholder and Buypass Transaction data is protected by Customer behind
firewalls or on servers inaccessible to third parties. Customer shall immediately notify Concord
in writing upon the occurrence of a breach of its security obligations set forth in this Section.
(h) Communications Interface. Customer represents and covenants to FDMS and Concord that all
information transmitted to Concord through the Communications Interface will be transmitted in
accordance with the Documentation and accurate and complete and Concord shall be entitled to rely
upon any and all such information or instructions received under a Customer Access Code as a duly
authorized direction of Customer unless Concord has received a written notice of revocation of
authority for such Access Code in accordance with the requirements set forth in this Paragraph
and the Documentation. Neither FDMS nor Concord shall have any liability whatsoever arising out
of any instructions communicated to Concord via the Communications Interface, including without
limitation any and all errors or omissions made by Customer with respect to such instructions.
(i) Confidentiality. Concord acknowledges that, Customer, in its use of ClientLine®
Services, may disclose to Concord certain non-public personal financial information
relating to Cardholders. Accordingly, Customer agrees to hold and use any and all such
Cardholder information in confidence, and not to disclose, reveal, copy, sell, transfer, assign
or distribute any part or parts of it, in any form, to any person or entity, or permit any of
its employees, agents, or representatives to do so, except as expressly permitted or required by
law. Customer represents and covenants that, pursuant to an agreement between Customer and each
Merchant whose Buypass Transaction information is contained in the Customer databases and
obtained via ClientLine® Services pursuant to this Section, Customer has been duly
authorized to obtain such Buypass Transaction information, and, in the event any Merchant
revokes the aforementioned authorization, Customer shall no longer obtain the Buypass
Transaction information of the applicable Merchant.
(j) Indemnification. In addition to its indemnification obligations under Article 6 of the
Agreement and as otherwise stated in this Section IV, Customer shall indemnify, defend and hold
harmless each of Concord and FDMS and each of their respective directors, officers, employees,
agents, successors and assigns from and against any and all claims, demands, damages, costs,
expenses (including reasonable attorneys’ fees), losses and liabilities arising out of all
claims and actions brought or made by any third party (including Merchants) relating in any way
to the misuse of an Access Code, or the wrongful disclosure or use of information obtained
through the ClientLine® Services, by Customer or any of its
Attachment A, Page 3
employees or agents or the Equipment under their control.
4. PINless Debit Transactions Services. FDMS, either directly or through its
Affiliates, including Concord, or other third party service providers, shall make available to
Customer and its Merchants, and Customer and its Merchants shall access, PINless debit Transaction
services in the manner described and in accordance with the terms and conditions set forth below.
Customer desires to access the Networks for the purposes of processing certain Buypass Transactions
on behalf of its Merchants without receiving PIN validation (“Pinless Debit Transactions,” also
known as “Debit Xxxx Payment Transactions”) and FDMS desires to provide Pinless Debit Transaction
services as may be permitted by the Network rules. Customer acknowledges that under no
circumstances will FDMS or Concord have any liability for Pinless Debit Transactions services and
any associated fees, penalties or charges should payment of any Pinless Debit Transaction be
rejected for any reason. Prior to and during FDMS’s provision of the Pinless Debit Transaction
services contemplated hereunder, Customer and its Merchants and Indirect Processors (as such term
is defined in Debit Network rules) shall be subject to and shall comply with the requirements of
the Networks, including without limitation, execution and completion of certain documentation and
agreements as required by the Networks; at any time that Customer or any of its Merchants or
Indirect Processors are not in compliance with such requirements, FDMS or Concord may terminate
Pinless Debit Transaction services with respect to Customer or such Merchant or Indirect Processor.
FDMS or Concord may delete any Network upon prior written notice to Customer and in accordance with
Network rules. All Pinless Debit Transactions processed hereunder shall be billed at the rates set
forth in Exhibit B, plus any applicable Transaction and Third Party Fees, in the manner set forth
in this Section IV.
5. EFSnet Web Payment Services. FDMS, either directly or through its Affiliates,
including Concord, or other third party service providers, shall make available to Customer and its
Merchants, and Customer and its Merchants shall access, the Internet gateway interface (“EFSnet”)
for use with certain Concord-certified point of sale equipment (“Equipment”) for the purposes of
processing, via the Internet, certain e-commerce payment transactions and other electronic payment
transactions initiated at the point of sale (the “EFSnet Web Payment Services”) in the manner
described and in accordance with the terms and conditions set forth
below. In exchange for such services, Customer will pay the fees set forth in Exhibit B in the
manner set forth in the Agreement.
(a) General Customer Requirements. In order to access the EFSnet Web Payment Services,
Customer shall:
(1) Successfully complete testing of the integration of Customer’s system with the EFSnet
system and the integration of the system of each of the following that will access the EFSnet
system through Customer: Merchants and third party processors (collectively the “Customer
Parties”). Customer must receive written certification from Concord of the completion of each test
with respect to Customer Parties;
(2) Until the EFSnet Web Payment Services are terminated as set forth in this Section IV,
ensure that Customer and Customer Parties are in compliance with the EFSnet Specifications (as
defined in Section 5 below) and the EFSnet interface specifications located at
xxx.xxxxxxxxxxxxx.xxx, as promulgated, supplemented or amended from time to time;
(3) Obtain and maintain, and cause Customer Parties to obtain and maintain, at their sole cost
and expense, an Internet connection;
(4) Obtain, or cause Customer Parties to obtain, an authorization of each Buypass Transaction
processed hereunder by Customer Parties, in accordance with the terms of the Agreement, including
this Section IV.
Attachment A, Page 4
(5) Regardless of whether the Transaction Card is or is not present at the point of sale,
cause Customer Parties to follow and comply with the policies and procedures established by Concord
and provided to Customer from time to time for the acceptance of such Cards.
(6) Cause its Customer Parties to maintain the confidentiality and security of the store ID
and store key issued to such Customer Party by Customer, and notify Concord immediately of any
disclosure or unauthorized use of the store ID or store key of which the Customer or a Customer
Party becomes aware.
(7) Cooperate with Concord and Networks and provide such information as is requested by
Concord and Networks to fulfill any Network requirements.
(b) EFSnet Specifications Compliance. Customer shall review and comply with, and shall cause
Customer Parties to review and comply with the EFSnet Interface Specification, the EFSnet Resource
Guide located at xxx.xxxxxxxxxxxxx.xxx, and the EFSnet transaction processing information located
at xxxx://xxx.xxxxxxxxxxxxx.xxx/Xxxxxxx/XxxXxxxxXxxx.xxx., as each may be amended, supplemented or
relocated by Concord or FDMS from time to time (collectively, the “EFSnet Specifications).
(c) Card Not Present Transactions Via the Internet. With respect to Internet Transactions
originated through EFSnet, unless otherwise directed by Concord or FDMS:
(1) Customer shall cause Merchants to complete the sales draft without the Cardholder’s
signature or an imprint but with the Cardholder’s name, billing address, card number, expiration
date of the Card, a description of the merchandise or service and the date and amount of all
charges, including taxes.
(2) Customer shall cause Merchants to obtain information to perform address verification
services and obtain and provide other information as Concord may reasonably require.
(3) Customer shall cause each Merchant, which engages in Internet Transactions to complete and
deliver to Concord in the manner instructed by FDMS or Concord an EFSnet Web Payment Services
profile, as promulgated, amended or supplemented by Concord or FDMS from time to time and delivered
to Customer.
(4) Customer agrees and acknowledges that Merchants may authorize but shall not settle sales
prior to delivery of the product or service. All Internet Transactions will be settled by Concord
into a depository institution in the United States.
(5) Customer shall cause Merchants’ web sites to contain at least the following information:
(i) complete description of the goods or services offered; (i) returned merchandise and refund
policy; (iii) customer service contact, including electronic mail address and/or telephone number;
(iv) transaction currency (U.S. dollars only); and (v) export or legal restrictions.
(6) Customer shall cause Customer Parties to process Internet Transactions only (i) if the
Transactions have been encrypted by Concord or by a third party vendor acceptable to Concord and
(ii) Cardholder data is protected by the Customer Party behind firewalls or on servers inaccessible
to third parties. Encryption is not a guarantee of payment to Merchants.
(7) If applicable based upon the manner in which a Merchant’s account is set-up, Customer
agrees and acknowledges that Internet Transactions initiated by Customer Parties are authorized and
settled through separate bank identification numbers or Interbank Card Association (collectively
“BIN/ICA”) numbers and interchanges and Customer acknowledges that Concord will be unable to
combine deposits of Internet Transactions and non-Internet Transactions.
Attachment A, Page 5
(d) Chargebacks. Customer agrees and acknowledges that Internet Transactions are subject to a
higher incidence of chargebacks and, as with other Transactions, receiving an authorization and
following procedures and complying with applicable requirements will not relieve Customer or
Customer Parties of liability for chargebacks nor for any liability associated with the fraudulent
use of data obtained off of Customer’s or a Customer Party’s website or Transaction processing
system.
(e) Fees. All Buypass Transactions initiated via the EFSnet Gateway shall be billed at the
Buypass Transaction rates set forth in Exhibit B, plus any applicable Transaction fees and Third
Party Fees.
(f) Indemnity. In addition to its indemnification obligations under Article VI of the
Agreement and as otherwise stated in this Section IV, Customer shall indemnify and hold FDMS and
Concord and each of their officers, directors, employees, shareholders and subsidiaries, from any
and all loss, cost, expense, claim, damage and liability (including attorneys’ fees and costs) paid
or incurred by any one or more of them, arising from, caused by, or attributable to, any of the
following, except to the extent due to the gross negligence or willful misconduct of FDMS or
Concord:
(1) Any action FDMS or Concord takes in accordance with or in reliance
upon information or instructions provided by Customer or Customer Parties, including
instructions regarding the routing of Transactions;
(2) Customer’s or Customer Parties’ transmission to FDMS or Concord of any inaccurate
information; or
(3) Unauthorized access to FDMS’s or Concord’s systems utilized to process, route and
authorize Buypass Transactions from a point within Customer’s or a Customer Party’s control.
6. Payment of Fees for Concord Services.
(a) Customer shall at all times be responsible for payment of all fees and charges due to FDMS
as outlined in Exhibit B.
(b) Customer shall adhere to Concord’s Merchant Debit Card Adjustment Processing Procedures
set forth in Schedule 2.
7. Third Party Beneficiary. Concord is a third party beneficiary under the Agreement
and this Section IV.
V. Special Services for Transaction Solutions and Petroleum Card Services
With respect to the Merchant Accounts processing on the “Stratus” platform that were originally
sourced under (i) the ISO Services and Marketing Agreement dated as of April 17, 2002 by and
between Transaction Solutions, LLC and Concord Transaction Services, LLC, and (ii) the Processing
Service Agreement dated as of April 16, 2001 by and between Petroleum Card Services, Inc. and CTS
Holdings, LLC, FDMS, through its affiliates, will continue to perform all services currently being
performed with respect to such Merchant Accounts as of the date of execution of this Amendment.
Attachment A, Page 6
Schedule 1 – User Security Access Request Form for ClientLine Services
INSTRUCTIONS: Please complete one Payment Services Security Access Request Form per user. You
may photocopy this form as necessary.
USER INFORMATION: o New User
o Upgrade / Modify User
o Delete User
USER LAST NAME:
|
First Name: | Middle Initial: | ||||||||
VALIDATION PHRASE OR WORD: (This field is used as additional identification for the User when
calling support. The phrase must be at least 5 and no more than 20 characters. DO NOT USE SSN):
SET-UP: (Complete the information below to indicate how User will be set up (i.e., Chain, Subchain
or Merchant ID). SELECT ONLY ONE OF THESE CATEGORIES.)
Chain (Association) ID
|
MID# & location number: | |||||
Sub-Chain (Division) Code
|
Agency/Sales # (if applicable) | |||||
MERCHANT NAME: |
||
Xxxxxx Xxxxxxx Xxxx 0 |
||
Xxxxxx Xxxxxxx Line 2: |
||
City:
|
State: | ZIP: | ||||||||
Phone: ( )
|
FAX: ( ) | E-Mail Address: | ||||||||
Account Manager (if applicable)
|
Number of locations | |||||
PRODUCTS REQUIRED: This User requires access to the following products:
For Web-Based ClientLine: Select Product Option 1, 2, & 3 **ONLY**
Product Option #1 o
|
Product Option #2 o | Product Option #3 o | ||
Settlement-Based Reporting
|
Operational Management | BuyView | ||
o Reporting
|
o Customer Service — CMS | o Atlanta Transaction History | ||
o Charge Backs/Retrievals
|
o Contract Support | o Atlanta Terminal Totals | ||
o Statements
|
o Atlanta Debit/EBT Adjustments | o Atlanta Merchant Setup | ||
o Rate Analysis
|
o Terminal Deployment — CDS Web |
o Atlanta Fleet Setup |
Product Option #4 o
* Requires a VPN login
Merchant Enrollment – AMA*
* Requires a VPN login
Merchant Enrollment – AMA*
o New ISO
- Installation & Training
o Existing ISO
- Installation & Training
o Existing ISO
User Manager/Supervisor Signature:
|
Date: | |||||
(Forms cannot be processed without the proper signature.)
User Manager/Supervisor Printed Name |
||
| DO NOT WRITE BELOW THIS LINE | ||||
Completed by:
|
Date: | |||||
Client Support Manager:
|
Date: | |||||
Data Security Memphis:
|
Date: | |||||
Data Security Wilmington:
|
Date: | |||||
Attachment A, Page 7
Schedule 2
MERCHANT DEBIT CARD ADJUSTMENT PROCESSING PROCEDURES
The Merchant debit Card adjustment processing procedures set forth in this Schedule 2, as may be
amended or supplemented by FDMS from time to time (“Adjustment Procedures”), are intended to
clarify the obligations of FDMS and Concord in processing, and of Customer and Customer’s Merchants
in submitting and processing, adjustments (including Customer or Merchant initiated chargebacks,
representments and other comparable error resolution processes) arising from Buypass Transactions
processed by Concord under this Section IV, through Networks (“Adjustments”). The Adjustment
Procedures contain deadlines for completion of Adjustment processing tasks. Failure to timely
process Adjustments may affect the fees and charges incurred by Customer or a Merchant for
Adjustments and may result in the loss of substantive Adjustment rights. Customer acknowledges and
agrees to the following terms and conditions under which Adjustments will be processed.
FEES FOR ADJUSTMENTS
For each debit Adjustment initiated by Customer or its Merchants, Customer will pay the Debit Adjustment Fee set forth in Schedule 2 to this Section IV and all related Network fees.
For each debit Adjustment initiated by Customer or its Merchants, Customer will pay the Debit Adjustment Fee set forth in Schedule 2 to this Section IV and all related Network fees.
TIMING OF ADJUSTMENTS; CONSEQUENCES OF DELAY
Each Network has a deadline after which (a) higher Adjustment fees may be incurred or (b) Adjustments will no longer be accepted for processing. Adjustments must be provided to Concord by Customer (or its Merchants) at least seven (7) Business Days before the applicable Network deadline (“Concord Deadline”) on the correct Concord adjustment form with all fields on this form completed correctly. If Customer (or its Merchants) completes any field on a Concord adjustment form incorrectly, the form will be returned to Customer and Customer (or its Merchant) must correctly complete and resubmit the form to Concord before the Concord Deadline. Concord will not be responsible for any Adjustment that is not provided to Concord in the correct format before the Concord Deadline and any increase in Network fees associated with such Adjustment regardless of the original reason for the Adjustment.
Each Network has a deadline after which (a) higher Adjustment fees may be incurred or (b) Adjustments will no longer be accepted for processing. Adjustments must be provided to Concord by Customer (or its Merchants) at least seven (7) Business Days before the applicable Network deadline (“Concord Deadline”) on the correct Concord adjustment form with all fields on this form completed correctly. If Customer (or its Merchants) completes any field on a Concord adjustment form incorrectly, the form will be returned to Customer and Customer (or its Merchant) must correctly complete and resubmit the form to Concord before the Concord Deadline. Concord will not be responsible for any Adjustment that is not provided to Concord in the correct format before the Concord Deadline and any increase in Network fees associated with such Adjustment regardless of the original reason for the Adjustment.
The Adjustment Procedures are based on Network requirements for Adjustments and therefore subject
to change if these requirements change. All time frames for Adjustments are measured from, and
include, the date the transaction is initiated at the point of sale, unless otherwise indicated. If
Customer participates in more than one Network, Customer and its Merchants should consider
processing all Adjustments in accordance with the shortest applicable deadline imposed by these
Networks in order to ensure compliance with all Network deadlines. In no event, shall Concord be
responsible for any increase in Adjustment costs, related Network fees or the loss of any of
Customer’s or a Merchant’s substantive adjustment rights if Customer fails to comply with the
Concord Deadline.
Attachment A , Page 8
EXHIBIT B
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 1
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 2
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 3
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 4
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 5
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 6
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 7
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 8
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 9
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 10
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 11
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 12
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 13
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 14
SCHEDULE 1 TO EXHIBIT B
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 15
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 16
[***]
*** Omitted pursuant to a confidential treatment request.
The confidential portion has been filed separately with the SEC.
Exhibit B, Page 17
