Independent Sales Organization

Q: What is an independent sales organization (ISO)?

An independent sales organization (ISO) is a third party that provides merchant services on behalf of acquiring banks . The ISO handles the acquisition of merchants and provides support in return for commission. The acquiring bank provides merchants with the ability to process credit card payments and receive funds in their merchant account. An ISO may work with more than one acquiring bank and needs to be registered with the card schemes. Before it can begin operating, an ISO needs to be vetted to ensure it adheres to the bank and card scheme’s standards.

What is an independent sales organization (ISO)?

An independent sales organization (ISO) is a third party that provides merchant services on behalf of acquiring banks. The ISO handles the acquisition of merchants and provides support in return for commission. The acquiring bank provides merchants with the ability to process credit card payments and receive funds in their merchant account. An ISO may work with more than one acquiring bank and needs to be registered with the card schemes. Before it can begin operating, an ISO needs to be vetted to ensure it adheres to the bank and card scheme’s standards.

What types of services do ISOs provide?

ISOs are responsible for acquiring merchants, but do not directly provide the financial services needed to process and receive card payments. Services provided by ISOs can include:

Merchant acquisition and onboarding, including setting up a merchant account so the merchant can receive card payments
Technology services, such as selling or leasing physical card readers or integrating online payment gateways
Customer support, helping merchants deal with any payment-related issues they may experience
Value added services such as analytics or security and fraud prevention

How can merchants benefit from working with an ISO?

ISOs are dedicated to providing services directly to merchants. As a result, the level of service they provide may surpass that provided directly by the bank, especially to smaller merchants. Banks may be also wary of entering into a relationship with less well-established businesses or merchants in higher risk industries (adult entertainment, gambling etc.). ISOs can help these merchants open and manage an account. The rise of ISOs reflects a broader trend in the financial services industry towards decentralization, with technology driving and facilitating more individualized services.

What requirements must an ISO fulfill to operate?

An ISO must meet a number of criteria and go through a registration process before it can begin operating. The ISO requires a sponsoring bank, on whose behalf it operates. The ISO must meet the bank’s requirements, as the bank is responsible for the risks associated with any transactions processed by the ISO. If the ISO meets the bank’s requirements, it also needs to be registered with the card schemes and meet their financial standards and comply with applicable regulations. These include PCI DSS (Payment Card Industry Data Security Standard) as well as local legislation such as anti-money laundering requirements.

Partner	Name	Description	Duration
IXOPAY GmbH	cookiesConsent	Cookie Banner. Stores your cookie settings.	12 Months
IXOPAY GmbH	_fm	User centric security cookie to detect authentication abuses. Filters out computer/bot generated Website requests.	30 Minutes
Google Ireland Limited	reCAPTCHA	User centric security cookie to detect if a human being or a computer is making a specific entry in our contact or newsletter form.	6 Months
Cloudflare Inc.	cf_clearance	Used by Cloudflare (Website Security Network) to identify trusted web traffic, and protect our website against malicious activity (see Cloudflare's Cookie Informations).	30 minutes

Partner	Name	Description	Duration
Google Ireland Limited	_ga	Analytical cookie set by the service Google Analytics used to distinguish visitors. Collects data about number of visits and user journey.	2 years
Google Ireland Limited	_gid	Analytical cookie set by the service Google Analytics used to distinguish visitors. Collects data about number of visits and user journey.	24 h
Google Ireland Limited	_gat_ua-keynumber	Analytical cookie set by the service Google Analytics used to throttle the request rate, limiting the collection of data on Websites with high traffic.	Session
Google Ireland Limited	_ga_container-id	Cookie set by the service Google Analytics 4. The cookie is used to persist session state.	12 month
Microsoft Ireland Operations Limited	Clarity	Analytical service capturing your interactions on the Website such as how the page has rendered and what interactions you had on the Website (surfing behavior: mouse movements, clicks, scrolls). Microsoft collects or receives personal data from us to provide Microsoft Advertising (see Microsoft Privacy Statements). Sensitive content such as passwords, usernames, and user input are masked before sending to Microsoft.	12 months
Dealfront Group GmbH	_lfa	Analytical service that collects the visitor IP address to detect corporate visits and their geographic location. Leadfeeder only shows company visits, automatically filtering out all users visiting from residential IP addresses. All visit data is aggregated Dealfront Group GmbH / Analytical service that collects the visitor IP address to detect corporate visits and their geographic location. Dealfront only shows company visits, automatically filtering out all users visiting from residential IP addresses. All visitor data is aggregated on the company level (no reference to natural persons). Via a connection to Google Analytics, Dealfront shows company visitors' interactions on the Website (pages viewed, visitor source and duration of session). Dealfront also enriches that company data with contact data for individuals from publicly available data sources (eg. LinkedIn).	24 months

Partner	Name	Description	Duration
Google Ireland Limited	_gcl_au	Conversion-cookie set by the service Google Ads for assessing advertisement efficiency across our Websites and on websites of our marketing- & advertising partners.	3 months
Google Ireland Limited	_gac_gb_container-id	Cookie which connects Google Analytics und Google Ads. Google Ads website conversion tags will read this cookie.	90 days
Microsoft Ireland Operations Limited	Universal Event Tracking (UET)	Conversion-cookie set by the service Microsoft Advertising for assessing advertisement efficiency across our Websites and on websites of our marketing- & advertising partners. In general, the cookie in the relevant domain and your IP address are passed to Microsoft with every http request and not just via UET.	13 months

Glossary

Independent Sales Organization