Playbook · Small Business

Small business payments: a practical merchant services playbook

Small business merchant services is an area where owners spend years making pricing decisions around processing without fully understanding what they are paying for. A few hours of statement literacy pays for itself many times over. Here is the working checklist we recommend for small business merchant services.

Editorial Team Merchant Services Analysts · Reviewed April 22, 2026

Statement literacy — the 80/20

You don't need to understand every line item on your merchant statement. You need to understand four:

Gross volume. Total card sales for the month.
Total fees. Everything deducted by the processor, the networks and your ISO.
Effective rate. Total fees divided by gross volume, expressed as a percentage. This is the single number worth tracking month over month.
Interchange. The pass-through portion owed to the issuing bank. Should be visible and identifiable on a transparent statement.

If your statement doesn't show these four clearly, the processor is deliberately making it harder to comparison shop. That is a yellow flag.

Comparing processors honestly

The only honest comparison is: same merchant, same month, same card mix, two different processors' pricing applied to it. Everything else is marketing.

In practice, the way to get that comparison is to take three recent months of your own statements to a second processor and ask them to quote you on the exact transactions you ran. A good quote will walk through interchange, assessments and their markup separately. A bad quote will give you a headline rate and wave away the details.

A good processor shows you their markup. A bad one shows you the all-in rate and hopes you stop asking. — Editorial rule

Chargebacks — respond, every time

A chargeback is a formal dispute filed by a cardholder through their issuing bank. When one arrives, the merchant gets a response window — usually 30 days — to upload evidence. Miss the window and the chargeback is final.

Most small-business chargebacks fall into a small number of reason codes: "item not received," "item not as described," "duplicate charge," or "cardholder does not recognize transaction." Each reason code has a specific evidence list that wins the dispute: tracking numbers for physical goods, signed receipts for card-present services, merchant descriptor clarification for unrecognized charges. The chargeback workflow in your merchant portal shows the reason code; respond to that specific code with specific evidence.

PCI compliance — not optional

Every merchant who takes card payments is required to attest to PCI DSS compliance annually (published and maintained by the PCI Security Standards Council). For small merchants this usually means completing a Self-Assessment Questionnaire (SAQ) — typically SAQ A for e-commerce merchants using a hosted payment page, SAQ A-EP for e-commerce with a direct-post integration, or SAQ B for card-present merchants using standalone terminals.

Processors charge a PCI non-compliance fee — typically $20–$50/month — when the attestation lapses. Completing the questionnaire once a year avoids this fee. Most processors provide a guided PCI tool inside the merchant portal.

Basic fraud mitigation

Three practices cover most small-business fraud exposure:

Chip and PIN wherever possible. Reduces counterfeit-card liability.
AVS and CVV on e-commerce transactions. Catches a meaningful share of stolen-card-number fraud.
Suspicious-transaction alerts. Set up email or SMS alerts for transactions over a threshold. Catching a fraud run at 2am is worth the minor inconvenience of occasional false positives.

Sales-pitch warning signs

"We can cut your rate in half." Not unless you are currently being massively overcharged. Get the specific line items.
"Free terminal." Almost always recovered through higher processing rates. Do the math over the expected life of the contract.
Multi-year contracts with early termination fees. In a market this competitive, long lockups are not in your favor.
"Next Day Funding — guaranteed." The schedule is usually fine, but read the exceptions list.

Want to dig into specific topics?

Our guides break down each of the pieces above in more depth — from statement math to chargeback evidence.

Browse guides →

Small business payments — frequently asked questions

What is a reasonable effective rate for a small retail business?

In 2026, 2.0%–2.6% is typical for a brick-and-mortar retailer on interchange-plus pricing, depending on card mix and average ticket. Restaurants often run slightly lower (more debit). E-commerce runs slightly higher (more keyed-in and rewards-card transactions). If your effective rate is above 3%, it is worth a second look.

How often should I re-shop my processor?

Every 18–24 months, or any time your monthly volume materially changes. Processors occasionally raise rates on the anniversary of your agreement, and it's useful to know the current market rate even if you don't plan to switch.

Can I pass card fees on to my customers (surcharging)?

In most U.S. states, yes — for credit cards, following card-brand rules (30-day advance notice to Visa, specific disclosure signage, maximum surcharge limits). Surcharging on debit cards is prohibited. Surcharging rules vary by state and change periodically; check current rules before implementing.

What do I do if I get a chargeback I think is fraud against me?

Respond through the merchant portal within the deadline, with detailed evidence specific to the chargeback reason code. If the response loses, there is a pre-arbitration escalation for cases where the evidence is clear. Patterns of fraudulent chargebacks can be reported to the card network and the merchant's acquirer.

How do I complete PCI compliance?

Log into your merchant portal, find the "PCI" or "Compliance" section, and complete the guided Self-Assessment Questionnaire for your acceptance method. It typically takes 30–60 minutes once a year, and completing it avoids the monthly non-compliance fee that otherwise accrues.

Does Agent Portal recommend specific processors?

No. We do not accept compensation for editorial placement and do not maintain a "recommended processor" list. Our goal is to help merchants understand the industry well enough to evaluate their own options.

Small business payments: a practical merchant services playbook

Statement literacy — the 80/20

Comparing processors honestly

Chargebacks — respond, every time

PCI compliance — not optional

Basic fraud mitigation

Sales-pitch warning signs

Want to dig into specific topics?

Small business payments — frequently asked questions

Related guides

Payments — how card processing works

POS systems — choosing the right one

Merchant portal guide

Solutions by vertical