ACH is a method for accepting payments using a customer's US bank account. ACH payment transactions are processed via the Nacha Automated Clearing House system.
An ACH transaction is a non-guaranteed, delayed notification payment method. They do not have a real time authorization system like credit card payments and require webhook notifications to receive updates on the final status of the transaction.
Below is a high level workflow for an ACH payment:
- You must first collect a mandate from the customer that authorizes the merchant to collect payments via ACH.
- For personal accounts and internet/e-commerce/web transactions you must verify a bank account before processing an ACH payment. See the ACH Account Verification Options section for more details on the different ACH verification options.
- Process the ACH payment using the ACH Sale API.
- The ACH payment is typically processed within 4 days. After the ACH payment is confirmed, Shift4 will send an
ach.sale.status_updatein the webhook notification indicating the final status of the payment.
Prior to processing an ACH payment, you must first get permission from the customer by presenting a mandate. This mandate only needs to be displayed the first time you collect the ACH payment details.
The mandate must be presented as part of the payment flow on your website.
Below is a mandate text example.
Authorization. By signing below, you hereby authorize each of [Insert Merchant Name] (“Company”), its processor, and any financial institution (the “Suppliers”) working in connection with either of them, to debit your bank account up to the full amount of your purchase, including for any applicable fees, taxes, and other costs, including shipping costs. Additionally, you authorize Company to debit or credit your bank account to correct any erroneous debit, to make necessary adjustments to your payment, to issue a refund back to your bank account, or to facilitate any recurring and/or sequential debits initiated by you. This authority remains in full force and effect until Company has received written notification from you of its termination in such time and manner as to afford Company and the Suppliers to act on it. If you are planning to use the customer's bank account to process future or recurring payments you will need to include additional text in the mandate. Below is an example:
If you wish (merchant name) to charge you for services or purchases that occur on a regular basis, you are authorizing (merchant name) to debit your bank account periodically.Final language should be reviewed and approved by your legal council before adding it to your payments checkout page.
- Instant verification via online authorization through Plaid.
- Delayed verification via micro deposit transaction processed through Plaid.
- Delayed verification via Prenotification transaction processed through the NACHA Automated Clearing House system.
An ACH transaction can fail after being submitted through the Nacha system. Below are a few examples:
- Invalid bank account number
- Insufficient funds
- The customer's has disable debits on their bank account
These transaction failures are also referred to as ACH returns. Consumer bank accounts have 2 business days to return a failure response to an ACH transaction. If the return occurs before merchant funding then that transaction will be withheld from the merchant payout. If the return occurs after merchant funding then the funds for the amount of the returned transaction will be debited from the merchant's account.
An ACH transaction can be disputed similar to a credit card transaction. However, with ACH the dispute is final with no process to appeal. You must contact the customer directly to resolve the dispute. Dispute timelines vary based on whether the transaction was processed via a personal account or business account:
- Personal Account: up to 60 calendar days
- Business Account: up to 2 business days
When a dispute is received Shift4 will send out an ach.dispute.initiated webhook notification followed by ach.dispute.status_update events as the dispute is processed. Shift4 will also debit the merchant's account for the amount of the dispute and any associated fees.
When a customer disputes an ACH transaction the mandate that was accepted when initially entering the ACH payment credentials is invalidated. Before you can process another ACH transaction for that customer you must obtain a new mandate authorization.
ACH refunds can be processed as either a linked refund or as an open refund. A linked refund is used when processing a refund for a specific transaction that was previously processed via Shift4. Linked refunds can only be processed for an amount less than or equal to the original ACH Sale transaction amount. If the amount requested in the ACH Refund request is greater than the amount of the original transaction Shift4 will return an error. Open refunds can be used when processing a refund for an ACH Sale request that was previously processed outside of Shift4.
To process a refund you will to send an ACH Refund request. If the original ACH Sale was processed via Shift4 then you will include the invoice from the original ACH Sale request in the transaction.originalInvoice field to process a linked ACH Refund.
If the customer submits a dispute to their bank prior to you processing the ACH Refund request it is possible for the customer to receive two credits: one from the bank dispute and one from the refund.
While processing an ACH transaction the consumer's bank can return a notification of change response indicating that one or more of the ACH credentials have changed. If the Account Type (checking vs savings) or the Routing Number is changed, Shift4 will update the existing token in the token vault with the new values so that the next time the same token is used it will process with the new values.
If the notification of change returns a new Account Number, Shift4 will create a new token and invalidate the old one. The new token will be sent in the status update webhook notification. Any future use of the old token will result in an error.