Introduction
- What it is: This MCC covers businesses that provide data processing and information retrieval services.
- Risk level: Medium — The nature of information handling can pose data security risks.
- Acceptance difficulty: Medium — While acceptable, some providers may scrutinize operations due to privacy concerns.
- Typical business models: data mining services; online research firms; database management companies; information brokers; libraries.
- For merchants: Expect moderate MDR rates; potential for reserve maintenance; and thorough vetting during approval processes.
- What PSPs expect: Valid business registration; transparency on data practices; compliance with service quality standards.
Payment Insights & Benchmarks
Merchants in the Information Retrieval Services MCC should anticipate unique payment dynamics that could impact transaction processing and customer experience. Navigating these challenges requires a keen understanding of payment methods, risks, and important financial metrics.
Payment methods
Cards: commonly accepted but may face higher decline rates depending on customer risk profiles.
- E-wallets: favored for their speed and convenience, but fees may vary significantly.
- Subscriptions: recurring billing models can help stabilize cash flow, but must manage churn effectively.
- Bank transfers: secure for larger transactions but can lead to longer processing times.
Authentication & security
Enhanced security measures such as 3DS (Three-Domain Secure) are often mandated for online purchases.
- Strong customer authentication (SCA) adds friction but helps mitigate fraud risk.
- Ongoing monitoring for breaches is essential, considering the sensitivity of data handled.
Benchmarks (indicative, not guaranteed)
MDR: typically higher than standard e-commerce due to specialized services.
- Rolling reserves: may be assessed based on transaction volume and risk profile, often around 10-20%.
- Settlement time: generally slower, commonly exceeding 7 days.
- Chargeback ratios: can be elevated, especially if transactions are unclear or if service quality varies.
- Approval rates: generally lower compared to mainstream retail; however, subscription models may see higher success rates.
Key metrics to monitor
Transaction approval and decline rates segmented by payment method.
- Customer onboarding metrics to gauge friction points during payment processes.
- Chargeback reasons to identify patterns and troubleshoot service issues.
- Monthly cash flow forecasts based on subscription models versus one-time payments.
Risk & Compliance
Merchants operating under the MCC 7375 (Information Retrieval Services) face distinct challenges related to the management of chargebacks, fraud, and compliance with AML/KYC regulations. Due to the nature of their services, PSPs and acquirers maintain vigilant oversight to mitigate financial and reputational risks.
Chargebacks & fraud
Common chargeback reasons include friendly fraud (customers disputing legitimate charges) and high rates of unclear service descriptions leading to consumer confusion.
- Fraud schemes may involve the use of stolen credit cards and account takeovers.
- Effective mitigation tools include device fingerprinting, behavioral analytics to monitor user patterns, and real-time alerts for unusual transaction activity.
AML/KYC expectations
Merchants must implement robust identity verification processes, including government-issued ID checks and sanctions list screening.
- Ongoing source-of-funds verification is expected, especially when transactions exceed normal limits or involve high-risk jurisdictions.
- Manual review triggers include consistent large transactions, use of disposable email addresses, or multiple accounts originating from the same IP address.
Operational red flags
Lack of clarity regarding service offerings and unclear ownership can alarm PSPs, suggesting transparency gaps.
- Sudden spikes in transaction volume from questionable traffic sources or unverified affiliates might raise concerns.
- Insufficient customer support channels for dispute resolution can lead to operational scrutiny.
- Absence of clear policies on cancellations or refunds can negatively impact consumer trust and attract chargebacks.
Onboarding Checklist
Merchants under the Information Retrieval Services MCC should prepare a complete onboarding package before approaching PSPs or acquirers. A well-structured submission improves approval chances and shortens review times.
Legal & corporate documents
company registration and incorporation documents
- disclosure of beneficial owners (UBO) and corporate structure
- valid licenses for the relevant business activities
- policies: Terms of Service, Privacy, AML/KYC, Refund Policy
Financials & risk management
recent financial statements and cashflow forecasts
- liquidity or reserve model for payouts
- description of antifraud setup and monitoring tools
Product & marketing
demo access or screenshots of the live platform
- marketing plan and traffic source overview (affiliates, SEO, PPC)
- geographic targeting information
- KYC flow details, including IDV providers and thresholds
Technical integration & security
payment architecture overview with supported methods/providers
- description of SCA/3DS flows, retry logic, and tokenization
- PCI DSS compliance status and data storage policy
Operations
customer support coverage (languages, 24/7 if available)
- SLA for dispute handling and chargeback response
- deposit and withdrawal limits; self-exclusion mechanisms
- internal process for chargeback investigation and documentation
Regulation & Licensing
Licensing and certification for merchants in the Information Retrieval Services MCC are essential due to the sensitive nature of the data they handle. Payment Service Providers (PSPs) and acquirers require proof of compliance to mitigate risks associated with data privacy and security, which varies by jurisdiction and target market.
Operator licenses
Data Protection Authority licenses — required for businesses handling personal information in jurisdictions like the EU and UK.
- Federal Trade Commission (FTC) compliance in the U.S. — while not a license, adherence to FTC guidelines is critical for operations involving consumer data.
- Telecommunications licenses in some regions — necessary for operators providing data retrieval services integrated with telecommunication systems.
- Local or regional business operation licenses — required depending on the specific services offered and the market served.
Geo-restrictions
Regions with strict data privacy laws (e.g., GDPR in the EU) may limit how data can be processed and stored.
- Some countries impose bans on foreign data handling services, limiting market access.
- Countries with stringent telecommunications regulations may restrict services based on local licensing requirements.
Certifications & audits
PCI DSS compliance for handling payment card information securely.
- SOC 2 audits to certify service organizations' controls relevant to data security and privacy.
- GDPR compliance audits for businesses operating in or serving clients in the EU.
- Regular data protection impact assessments as part of regulatory compliance.
Official Definitions & Network Comparisons
This section shows how major card networks define this MCC and highlights practical differences that affect merchant onboarding.
| Network | Definition | Key notes |
|---|---|---|
| Visa | Information retrieval services, including data processing and online library services | Requires compliance with data handling regulations; some services may need additional vetting |
| Mastercard | Services providing access to information or documents retrieved from archives or databases | May require specific licensing; subject to data privacy audits |
| American Exp. | Services related to retrieval of data or documents over the internet | Typically more stringent assessments for data security compliance |
| Discover | Online and offline information retrieval services for consumers and businesses | Must adhere to local laws regarding data access; risk evaluations on service providers |
Explanation:
The terminology used by networks such as “information retrieval services” versus “data processing” has implications on how services are categorized and approved. Specific compliance requirements can differ, especially around data handling and privacy regulations. Common reasons for onboarding denials may include inadequate licensing, failure to meet data security standards, or non-compliance with local laws.
Alternative MCC Codes
Merchants often confuse this MCC with other categories. The table below shows which codes are related, why they are confused, and what risks misclassification brings.
| MCC | How it is used | Why confused | When acceptable | What is risky |
|---|---|---|---|---|
| 7370 | Computer programming services | “We provide IT services” | Custom software development agencies | Misclassifying a data retrieval service as programming |
| 4812 | Communications services | “We transmit information” | Telephone, data, and internet services | Misclassifying software-based services as direct communication |
| 4111 | Transportation services | “We help in logistics” | Transport services with logistical assistance | Misclassifying a retrieval service as transport-related |
| 7376 | Computer facilities management | “We manage IT facilities” | IT infrastructure management services | Misclassifying informational services as facility management |
Rule of thumb for merchants:
If your primary business involves information retrieval and data services, ensure you classify under MCC 7375. Using another MCC in an attempt to redefine your service can lead to non-compliance and potential account issues.
Best Practices for Merchants
Merchants under the MCC 7375, which covers Information Retrieval Services, must navigate unique operational challenges while maintaining a positive relationship with payment service providers (PSPs). By adhering to the best practices listed below, merchants can enhance their service offerings, reduce risks, and promote financial sustainability.
Classification & transparency
always use the correct MCC, as improper classification can lead to account termination
- ensure website disclosures include clear terms of service, subscription details, and data usage policies
- maintain transparent communication regarding service offerings and fees to avoid misunderstandings
Fraud & chargeback reduction
implement 3DS or step-up authentication for high-risk transactions to lower fraud rates
- utilize clear and recognizable billing descriptors to help customers identify transactions easily
- log user actions and interactions to create evidence trails for dispute situations
Payment acceptance optimization
offer diverse payment methods (credit/debit cards, digital wallets, etc.) to accommodate customer preferences
- optimize payment routing based on user location, device type, and historical data to improve approval rates
- test different PSPs and configurations (A/B testing) to determine the most effective payment processing setup
Operational discipline
define and monitor KPIs such as transaction approval rates, chargeback ratios, and customer feedback
- conduct regular compliance audits and update internal processes to ensure adherence to best practices
- establish a dedicated team or individual responsible for managing and resolving disputes promptly
Payouts & liquidity
set aside liquidity buffers to manage rolling reserves effectively and cover potential refunds
- automate AML checks on withdrawals, particularly for high-value transactions, to prevent fraudulent activities
- closely monitor payout trends and user withdrawal patterns to quickly identify anomalies and take action
Business Scope & Examples
This MCC encompasses businesses that provide information retrieval services, including those that allow users to access and search for data or content across various platforms. Merchants classified under this category typically offer services where users pay for access to databases or information systems that facilitate data retrieval.
Models
online information services (e.g., databases, archives)
- data mining and analytics platforms
- market research and trend analysis services
- online library services and academic resources
- digital content aggregators and subscriptions
Borderline cases
Website hosting services — while they facilitate access to information, they focus more on infrastructure rather than retrieval and may fall under different MCCs.
- Online forums and community sites — these may provide information retrieval functionality but are primarily user-driven and generally classified separately.
Signals for correct classification
charges customers for direct access to proprietary databases or information
- provides searchable content that requires a subscription or one-time fee
- enables professional or academic users to retrieve specific data or analyses
Comments