Security Deposits for Rental Businesses – Tokenized vs Authorization

Security deposits are a unique issue for rental businesses since the value of the rental is usually far less than the value of the products rented. This leads to the question how can security deposits properly be handled?

There are a few ways to handle this, but no way is perfect. Currently we recommend tokenized credit card storage. If you want to implement the other method please contact us with what payment method you want to use and we can review the customization.

In either case – please make sure that in your rental contract (part of our rental system) you clearly state the amount that the customer is responsible for damages and that you have the right to collect payment for any damages to your products.

Let’s review the methods and what they mean:

Tokenized Credit Card Storage

This is the recommended way by most credit card processors.

Pros

  • The customer does not see a large authorization to their credit card which they may think they are being charged for a security deposit
  • The charge for damages can be done beyond 7 – 30 days (the length most credit card processors allow for authorization)

Cons

  • There is a risk that the fund may not be available

Supported Tokenized Credit Card Storage Payment Gateways:

Authorize.net CIM for Magento 2 (free extension): https://github.com/pmclain/module-authorizenetcim

Stripe for Magento 2: (free) https://stripe.com/docs/plugins/magento

Braintree: Built-in to Magento 2

Paypal: Given the nature of paypal, there is not tokenized credit card storage system, so it is not recommended if you need to potentially charge for damages to products.

There are also others, if you have a question on another gateway please ask.

Additional Notes

Some credit card tokenization systems allow the customer to “opt-out” of having their card stored. This is a bad idea so either turn off this option as you need the credit card in case you need to charge it again, or have your developer tweak the payment gateway to hide this option for customers if this option is not built-in.

Authorizing A Security Deposit, Then Charging It If There Are Damages

In this method, the rental amount of the order is authorized and charged (captured), however the larger security deposit amount is only authorized. This is how we implemented it in Magento 1.x, but have since decided against this method fo the reasons described in the cons section.

Pros

  • Funds will for sure be available to charge for the security deposit if captured within 7 – 30 days

Cons

  • Each payment gateway handles “dual” transactions differently, and this can cause issues for checkout. For example some gateways may see a large authorization and then a small capture as a security risk or that something has gone wrong
  • Another issue is that each gateway has a different amount of time that they allow an authorization to last. From what we have read AMEX credit cards only allow 7 days. The times allowed are below. So this obviously causes issues if your rental is longer than 7 – 30 days.

Information on gateways and authorization times

AMEX credit card: 7 days

Stripe: 7 days Docs

Paypal: 29 days, but transaction must be reauthorized 3 times Docs

Authorize.net: 30 days, but AMEX 7 days Docs