Introduction
- What it is: This MCC covers businesses providing investigative, protective, and security services, including armored vehicle services.
- Risk level: Medium — Due to the potential for liability and fraud in security-related operations.
- Acceptance difficulty: Medium — While some PSPs are open to these services, others may impose stricter conditions.
- Typical business models: private investigation firms; security guard companies; armored car services; guard dog services.
- For merchants: Expect moderate MDR rates; possible reserves; and a thorough review process for onboarding.
- What PSPs expect: Detailed business plans; proof of insurance and licenses; clear descriptions of services offered.
Payment Insights & Benchmarks
Merchants in this MCC should plan for higher payment friction compared to standard e-commerce. Acceptance often depends on method mix, fraud controls, and PSP risk appetite.
Payment methods
Cards: often filtered by geo and traffic source, with lower approval rates due to perceived risk.
- E-wallets: a viable alternative, increasingly popular for quick transactions.
- A2A (Account-to-Account): useful for high-value transactions but may face stringent checks.
- Payment plans and invoicing: common in B2B transactions, often requiring credit assessments.
Authentication & security
Strong authentication measures (3DS, SCA) are frequently implemented to mitigate fraud risks.
- These tools can enhance security but may lead to increased transaction abandonment.
- Ongoing fraud monitoring is essential due to the higher risk associated with security services.
Benchmarks (indicative, not guaranteed)
MDR: typically higher than standard e-commerce due to associated risks.
- Rolling reserves: often required, possibly in the double digits or higher.
- Settlement cycles: usually extended (7+ days) due to risk assessment protocols.
- Chargeback ratios: elevated compared to average, reflecting the potential for disputes in the sector.
- Card approval rates: lower than typical retail, with alternative methods having varying success.
Key metrics to monitor
Authorization rates by payment method and service type.
- Decline reasons and corresponding fraud markers to understand patterns.
- Chargeback ratios along with disputes categorized by type.
- Customer transaction behavior and lifecycle to identify potential red flags.
Risk & Compliance
Merchants operating under the MCC 7393 face significant scrutiny from PSPs and acquirers due to the nature of their services, which often involve sensitive customer information and high-value transactions. Compliance with risk management practices is essential to mitigate fraud and chargeback risks, as well as to adhere to AML/KYC requirements.
Chargebacks & fraud
High levels of friendly fraud (e.g., customers claiming unauthorized transactions) and service misuse can lead to disputes.
- Fraudulent activities may include the use of stolen identities to book protective services or the manipulation of security systems for fraudulent claims.
- Effective fraud mitigation tools include device fingerprinting, transaction monitoring systems, and behavioral analytics to detect unusual patterns.
AML/KYC expectations
Strong identity verification processes, including government-issued ID checks and corroboration of personal information.
- Enhanced due diligence for higher-risk customers, with sanctions checks against national and international lists.
- Manual reviews should be triggered by transactions involving large sums, frequent changes in service requests, or discrepancies in customer data.
Operational red flags
Lack of transparency regarding ownership structures, especially in franchise or white-label scenarios.
- Inconsistent service offerings or pricing that may indicate illicit activity or misrepresentation.
- Gaps in responsible service monitoring (e.g., measures to ensure the appropriate use of security services).
- Insufficient documentation or communication on service agreements, refund policies, and incident reporting protocols.
Onboarding Checklist
Merchants under this MCC should prepare a complete onboarding package before approaching PSPs or acquirers. A well-structured submission improves approval chances and shortens review times.
Legal & corporate documents
company registration and incorporation documents
- disclosure of beneficial owners (UBO) and corporate structure
- valid licenses for security and protective services
- policies: Terms of Service, Privacy, AML/KYC, Refund Policy
Financials & risk management
recent financial statements and cashflow forecasts
- liquidity or reserve model for handling operational costs
- description of antifraud setup and risk management practices
Product & marketing
demo access or screenshots of security service platforms
- marketing plan and traffic source overview (partnerships, local advertising)
- geographic targeting information specific to service areas
Technical integration & security
payment architecture overview with supported methods/providers
- description of security protocols and data protection measures
- PCI DSS compliance status and data storage policies
Operations
customer support setup and availability (languages, operating hours)
- SLA for dispute handling and service-related inquiries
- detailed process for managing service requests and incidents
- internal procedures for compliance and reporting statutory requirements
Regulation & Licensing
Licensing and certification are crucial for merchants in this MCC, as they establish the legitimacy and compliance necessary for operating within the protective services sector. Recognition of licenses can vary significantly based on the merchant's jurisdiction and target markets.
Operator licenses
Private Security License — required in various jurisdictions for businesses providing security services, including guards and armored vehicles. Recognition is often determined by local law enforcement agencies.
- Detective Agency License — necessary for agencies involved in investigations, with specific requirements varying by state or country.
- Firearms License — essential for companies that employ armed security personnel, and must comply with federal and state laws.
- Certified Protection Professional (CPP) certification — recognized by many clients and PSPs as a standard for professionalism in security management.
- Some regions may have state-specific regulations for security operations that need to be adhered to.
Geo-restrictions
Several countries have stringent controls over private security entities, and may entirely ban foreign security operations.
- In the US, licensing requirements can vary state by state; some states have more liberal regulations compared to others.
- PSPs often blacklist merchants operating in regions where security services are not licensed or are operating in grey markets.
Certifications & audits
PCI DSS compliance is essential for handling card data securely, especially for services involving transactions.
- Background checks and training certifications for security personnel, such as First Aid and CPR certifications.
- Regular compliance audits related to local regulations and industry standards.
- Validation of security protocols for risk assessments and emergency response plans.
Official Definitions & Network Comparisons
This section shows how major card networks define this MCC and highlights practical differences that affect merchant onboarding.
| Network | Definition | Key notes |
|---|---|---|
| Visa | Detective and protective services, including security and armored car services | May require documentation of service scope; geo-specific limits |
| Mastercard | Security services including detection and alarm systems, guard services, and armored cars | Must adhere to local regulations; potential monitoring for service type |
| American Exp. | Services for protection, including armored transport and investigative services | Higher scrutiny on service legitimacy; possible higher fees |
| Discover | Protective services and armed transport services | Regional variances may apply; risk assessments are common |
Explanation:
While the definitions across networks have common themes (e.g., protective services, armored cars), variations in terminology such as "detective" vs "investigative" may lead to differing classifications. Each network may have specific approval processes depending on the merchant's location and the services offered. Common issues for rejection include lacking proper licensing or documentation proving the legitimacy of services and adherence to local laws and regulations.
Alternative MCC Codes
Merchants often confuse this MCC with other categories. The table below shows which codes are related, why they are confused, and what risks misclassification brings.
| MCC | How it is used | Why confused | When acceptable | What is risky |
|---|---|---|---|---|
| 7392 | Management Consulting Services | “We provide security consulting” | Business strategy services, including security | Misleading as a primary security service |
| 5722 | Household Appliance Stores | “We sell security equipment” | Selling shopping-related security equipment | Mixing retail sales with service provider status |
| 7538 | Automotive Repair Shops | “We offer vehicle security services” | Vehicle security systems as part of repairs | Provides misleading classification for armed services |
| 8011 | Doctors and Physicians | “We handle personal safety and health” | Medical security services provided by doctors | Attempting to pass off protective services under healthcare |
Rule of thumb for merchants:
If your business revolves around providing protective or security services, it should be classified under MCC 7393. Using other codes can lead to misclassification, risking financial penalties or account issues due to unclear service descriptions.
Best Practices for Merchants
Merchants under the MCC code 7393, which includes detective agencies, protective services, and security services, face unique challenges in managing payments and risk. Following the best practices outlined below is crucial for fostering acceptance, minimizing disputes, and ensuring a smooth operational flow.
Classification & transparency
always use the correct MCC; incorrect classification can result in higher risk assessments and account issues
- prominently display services offered, geographic coverage, and operating licenses on your website
- maintain clear and concise billing descriptions to ensure customer recognition
Fraud & chargeback reduction
implement 3DS or step-up authentication measures for transactions deemed high risk
- utilize precise billing descriptors, provide instant transaction confirmations, and ensure responsive support for client inquiries
- maintain a detailed log of all transactions and service interactions to assist in future dispute representments
Payment acceptance optimization
consider offering a variety of payment methods (credit/debit cards, mobile wallets, ACH transfers) to accommodate customer preferences
- optimize routing based on customer geography, method used, or transaction value, and regularly evaluate PSP performance
- use separate MIDs if necessary for different service offerings to better manage compliance with card schemes
Operational discipline
monitor key performance indicators (KPIs) such as transaction approval rates, chargeback ratios, and customer lifetime value (LTV)
- conduct regular compliance audits and update operational policies to align with best practices
- designate a dedicated team or individual to handle disputes and establish service level agreements (SLAs) for response times
Payouts & liquidity
maintain sufficient liquidity buffers to accommodate potential rolling reserves required by payment processors
- implement automated anti-money laundering (AML) checks for withdrawals, particularly for large amounts
- closely monitor withdrawal patterns to identify any irregular or potentially suspicious activity
Business Scope & Examples
This MCC encompasses businesses that provide protective services, including security and investigative solutions. Merchants in this category typically offer services that ensure safety and security for individuals, properties, and assets, often involving physical presence or surveillance.
Models
private investigation services (e.g., detectives, background checks)
- security guard services (manned guarding, event security)
- armored car services (cash transit, secure deliveries)
- security system installation and monitoring (CCTV, alarms)
- personal protection services (bodyguards, executive protection)
Borderline cases
Event management — businesses offering event security may be confused with security services; however, they primarily focus on organizing events rather than security.
- Residential cleaning services — companies providing maintenance and cleaning that may also offer basic security checks are not classified as protective services.
Signals for correct classification
business provides direct physical security or monitoring services
- services involve risk management or threat assessment
- customer contracts include safety and protection guarantees
Comments