Introduction
- What it is: This MCC covers businesses that perform diagnostic services, including those related to laboratory testing and analysis.
- Risk level: Medium — Due to potential for regulatory scrutiny and varying accuracy of diagnostics.
- Acceptance difficulty: Medium — While generally acceptable, concerns over service quality can arise.
- Typical business models: medical laboratories; diagnostic testing centers; clinical research organizations; blood banks.
- For merchants: Expect moderate MDR; potential for reserves based on service reliability; longer approval processes in some cases.
- What PSPs expect: Valid business registration; compliance documentation; a detailed description of testing services offered.
Payment Insights & Benchmarks
Merchants in the CROSSLAND MCC should plan for higher payment friction compared to standard e-commerce. Acceptance often depends on method mix, fraud controls, and PSP risk appetite.
Payment methods
Cards: may face stricter scrutiny and lower approval rates based on risk factors.
- E-wallets: popular for convenience but can be subject to higher fees.
- Instant bank transfers: gaining traction, though chargeback protection may vary.
- Prepaid cards: used for partial anonymity and reduced fraud risk.
- Alternative payment methods: less common, but can attract specific customer segments.
Authentication & security
Strong customer authentication (SCA) measures like 3DS are generally required.
- While these improve security, they can also lead to increased cart abandonment.
- Continuous monitoring for fraud patterns is essential to mitigate risks.
Benchmarks (indicative, not guaranteed)
MDR: often higher than traditional e-commerce sectors.
- Rolling reserves: can be substantial due to increased fraud risks in this sector.
- Settlement time: typically longer than average, often exceeding seven days.
- Chargeback ratios: may be elevated compared to other industries.
- Card approval rates: usually lower; alternative payment methods often perform better.
Key metrics to monitor
Authorization rates segmented by payment method and device.
- Chargeback rates categorized by fraud vs. legitimate disputes.
- Customer engagement metrics to assess abandonment related to authentication.
- Average transaction value and associated risk metrics.
Risk & Compliance
Merchants under the MCC 3822, often related to medical goods and services, face significant financial and reputational risks. As a result, PSPs and acquirers enforce stringent compliance measures to mitigate fraud, manage chargebacks, and uphold AML/KYC standards.
Chargebacks & fraud
Frequent instances of friendly fraud where customers claim they did not authorize the purchase of medical products or services.
- Abuse of chargeback mechanisms, including false claims around non-receipt or dissatisfaction with services.
- Common fraud mitigation tools include velocity checks to monitor rapid transaction patterns, device fingerprinting to identify repeat offenders, and transaction threshold alerts.
AML/KYC expectations
Strong identity verification processes are expected, including government-issued ID checks and address verification.
- Enhanced scrutiny on source-of-funds, particularly for large transactions or atypical purchasing behavior.
- Manual review triggers include significant variations in purchase frequency, unusual transactional geography, or complex payment structures.
Operational red flags
Lack of transparency in business ownership, such as hidden operators or unclear relationships with third-party suppliers.
- High volume of transactions from high-risk jurisdictions or customers using unverified payment methods.
- Missing policies for refunds or returns that leave customers vulnerable and expose merchants to higher dispute rates.
- Insufficient monitoring practices around customer behavior and transaction trends that may indicate potential abuse or fraud.
Onboarding Checklist
Merchants under this MCC should prepare a complete onboarding package before approaching PSPs or acquirers. A well-structured submission improves approval chances and shortens review times.
Legal & corporate documents
company registration and incorporation documents
- disclosure of beneficial owners (UBO) and corporate structure
- valid licenses for the relevant business activities
- policies: Terms of Service, Privacy, AML/KYC, Refund Policy
Financials & risk management
recent financial statements and cashflow forecasts
- liquidity or reserve model for payouts
- description of antifraud setup and monitoring tools
Product & marketing
demo access or screenshots of the live platform
- marketing plan and traffic source overview (affiliates, SEO, PPC)
- geographic targeting information
- KYC flow details, including IDV providers and thresholds
Technical integration & security
payment architecture overview with supported methods/providers
- description of SCA/3DS flows, retry logic, and tokenization
- PCI DSS compliance status and data storage policy
Operations
customer support coverage (languages, 24/7 if available)
- SLA for dispute handling and chargeback response
- deposit, bet, and payout limits; self-exclusion mechanisms
- internal process for chargeback investigation and documentation
Regulation & Licensing
Licensing and certification are critical for merchants in this MCC, as PSPs and acquirers will require proof of compliance before onboarding. Recognition of licenses depends heavily on the merchant’s jurisdiction and the markets they target.
Operator licenses
Federal Communications Commission (FCC) — essential for telecommunications operators in the United States.
- Ofcom (UK) — regulates communications in the UK and is crucial for companies operating within its jurisdiction.
- National Telecommunications and Information Administration (NTIA) — oversees telecommunications policies and may require specific licenses depending on services offered.
- Telecommunication Regulatory Authority (TRA) — specific to markets in the Middle East, recognizing compliance with local telecommunication laws.
- Some regions may also require local business licenses or permits for specific telecommunications activities.
Geo-restrictions
Different countries may have specific regulations restricting telecommunications services, affecting service availability.
- The European Union has regulations impacting how telecommunications services can operate across member states.
- Some jurisdictions impose strict regulations on VoIP services, limiting their acceptance in certain markets.
Certifications & audits
PCI DSS compliance for secure payment processing within telecommunications.
- ISO 27001 for information security management systems, ensuring data protection standards.
- Regular audits for compliance with local telecommunications regulations and standards.
- GDPR compliance if dealing with personal data from EU citizens, indicating adherence to privacy regulations.
Official Definitions & Network Comparisons
This section shows how major card networks define this MCC and highlights practical differences that affect merchant onboarding.
| Network | Definition | Key notes |
|---|---|---|
| Visa | Other medical and health services | May require proof of accreditation; monitor for high-risk areas |
| Mastercard | Medical services not elsewhere classified | Needs thorough vetting; may restrict certain health products |
| American Exp. | Health and medical services not otherwise classified | Higher scrutiny for service types; potential limits on referral services |
| Discover | Medical and health-related services | Requires valid certifications; specific denial risks associated with non-compliant services |
Explanation:
While there is a general agreement on classifying these services under medical and health categories, differences in the exact terminology can affect how businesses are onboarded. For example, the term "medical services" could encompass various levels of care or support, necessitating additional scrutiny from some networks. Common pitfalls leading to rejections often stem from insufficient accreditation, geographical limitations, or the involvement of non-compliant service types.
Alternative MCC Codes
Merchants often confuse this MCC with other categories. The table below shows which codes are related, why they are confused, and what risks misclassification brings.
| MCC | How it is used | Why confused | When acceptable | What is risky |
|---|---|---|---|---|
| 3821 | R&D in physical sciences | “We conduct science-related research” | Genuine research and development facilities | Misclassifying commercial (non-R&D) activities as R&D |
| 7372 | Computer programming services | “Our tech team creates software” | Custom software development by a vendor | Classifying service providers without R&D as programming |
| 7999 | Other amusement and recreation services | “We offer recreational activities” | Acceptable for specific amusement activities | General recreation may not qualify under this code |
| 4829 | Wire transfer money orders | “We transfer funds for research purposes” | Acceptable for actual research fund transfers | Using this code for unrelated financial transactions |
Rule of thumb for merchants:
Make sure to classify your business activities accurately based on their primary purpose. If your focus is on genuine research or specialized services, then the MCC codes are appropriate; otherwise, misclassifying can lead to compliance issues and potential financial penalties.
Best Practices for Merchants
Merchants classified under MCC 3822 face unique challenges related to payment processing and risk management. Adhering to best practices in operations and compliance is essential for maintaining smooth transactions and reducing exposure to chargebacks.
Classification & transparency
always use the correct MCC to avoid risk of account closure; misclassification can lead to severe penalties
- clearly display relevant licenses and operational policies on your website, ensuring customers understand your business model
- maintain transparent business practices and ensure billing descriptors accurately reflect the transaction
Fraud & chargeback reduction
implement 3DS or step-up authentication for transactions that show high-risk signals (such as high-value purchases or unusual geographic locations)
- provide clear and immediate billing descriptors, alongside confirmation emails or SMS to validate transactions
- maintain detailed logs of all transactions and any related events to support your case in potential disputes
Payment acceptance optimization
diversify your payment methods by supporting cards, wallets, bank transfers, and other localized options to minimize reliance on a single payment provider
- analyze transaction data to effectively route payments based on geography or bank performance, adapting to provider strengths in real-time
- consider using separate Merchant IDs (MIDs) for different types of transactions or geographic regions to streamline compliance
Operational discipline
establish clear KPIs such as authentication rates, decline reasons, chargeback ratios, and average revenue per user to continuously monitor performance
- conduct regular compliance audits and refresh internal policies to adapt to any regulatory changes or industry trends
- designate a dedicated team or individual solely focused on disputes, ensuring timely handling of conflicts with set response times
Payouts & liquidity
keep adequate liquidity reserves to accommodate rolling reserves and potential delays in payout settlement
- utilize automated anti-money laundering (AML) checks for all withdrawal requests, particularly those approaching significant thresholds
- closely monitor withdrawal patterns for unusual behaviors that could indicate fraudulent activities or other risks
Business Scope & Examples
This MCC covers businesses primarily involved in the sale of medical and diagnostic equipment, supplies, or services. Merchants classified under this category typically provide products or services integral to healthcare, where customers make payments for necessary medical-related activities. The scope focuses specifically on transactions that involve real medical equipment or services.
Models
wholesale and retail distributors of medical devices
- manufacturers of diagnostic equipment (e.g., MRI machines, ultrasound devices)
- suppliers of surgical instruments and healthcare consumables
- home healthcare service providers (e.g., oxygen services, mobility aids)
- medical equipment rental services
Borderline cases
Health and wellness products — items like supplements or fitness trackers may be related, but they aren't classified under this MCC unless explicitly for medical use.
- Cosmetic surgery services — while related to health, these may fall under different categories focused more on aesthetics rather than medical necessities.
Signals for correct classification
products are intended for medical use in diagnosis, therapy, or patient management
- services provided directly relate to healthcare or medical equipment
- transactions involve significant oversight or regulation typical for medical equipment sales
Comments