What Is ISO? Definition & Examples

Last reviewed: June 14, 2026Sources reviewed: Visa Rules for Merchant Agents, Mastercard Rules for Independent Sales Organizations

Quick Facts About ISO

Key Takeaways About ISO

ISOs are registered with card networks to sell merchant accounts but are not banks themselves.
They handle sales, customer service. And sometimes processing. While the bank holds financial risk.
ISOs operate under their own brand but must comply with card network rules and regulations.
Merchants work with ISOs for processing services. Though the ISO may partner with a larger processor or acquirer.
ISOs can be large national firms or local providers, offering varying levels of service and support.

Understanding ISO

An Independent Sales Organization (ISO) plays a critical role in the credit card processing ecosystem. While merchants interact directly with ISOs for account setup and support, ISOs are not financial institutions themselves. Instead, they're registered with major card networks like Visa and Mastercard to act as authorized agents for acquiring banks. This registration ensures that'sOs operate under strict compliance guidelines, including adherence to Payment Card Industry Data Security Standards (PCI DSS) and card network operating regulations.

Related glossary terms: Acquirer, Payment Processor, Interchange Fee.

ISOs vary widely in size and scope. Some are large, nationally recognized companies with direct relationships to multiple acquiring banks. While others are smaller, locally focused providers specializing in specific industries or geographic areas. Regardless of size, all ISOs share a common function: they sell merchant accounts and related services, often under their own branding. While the acquiring bank remains responsible for underwriting, risk management. And regulatory compliance. This structure allows banks to expand their merchant base without handling direct sales. While ISOs can offer custom solutions to businesses of all sizes.

How ISO Works?

The relationship between an ISO, an acquiring bank. And a merchant follows a structured workflow. When a merchant applies for a credit card processing account through an ISO, the ISO collects the necessary documentation and submits it to the acquiring bank for underwriting. The bank evaluates the merchant’s creditworthiness, industry risk. And processing volume before approving or denying the application. Once approved, the merchant’s transactions are processed through the bank’s infrastructure. Though the ISO may handle ongoing customer support, billing. And technical assistance.

ISOs often partner with payment processors or larger ISOs to access additional services, such as payment gateways, point-of-sale systems. Or fraud prevention tools. These partnerships allow ISOs to offer a broader range of solutions without developing their own technology. For example, an ISO might resell a virtual terminal or mobile payment solution provided by a third-party processor while branding it as their own. This flexibility enables ISOs to compete in a crowded market by tailoring their offerings to the unique needs of different merchants, from retail stores to e-commerce businesses.

Compliance is a cornerstone of an ISO’s operations. Because ISOs interact directly with merchants, they must ensure that all accounts adhere to card network rules, including proper disclosure of fees, adherence to transaction limits. And compliance with anti-money laundering (AML) and Know Your Customer (KYC) regulations. Failure to maintain compliance can result in fines, suspension. Or termination of the ISO’s registration with the card networks, which would effectively shut down their ability to operate.

Why ISO Matters?

For merchants, ISOs serve as a critical access point to the credit card processing ecosystem. Without ISOs, many small and mid-sized businesses would struggle to navigate the complex requirements of setting up a merchant account, particularly those in higher-risk industries or with limited credit history. ISOs simplify this process by offering personalized support, competitive pricing. And specialized services custom to specific business models. This accessibility helps level the playing field, allowing businesses of all sizes to accept credit and debit card payments, which are essential for growth in today’s economy.

For acquiring banks, ISOs provide a cost-effective way to expand their merchant base without investing in large sales teams or direct customer support infrastructure. Banks rely on ISOs to handle the front-end work of merchant acquisition, including sales, onboarding. And initial training. While the bank focuses on underwriting, risk management. And settlement. This division of labor allows banks to scale their operations efficiently while maintaining control over the financial and regulatory aspects of merchant processing. And ISOs often assume some of the marketing and sales risks, as they are typically compensated through residuals or commissions based on the merchant’s processing volume.

When ISO Matters Most?

ISOs become particularly important in several key scenarios. For new businesses, an ISO can provide guidance on selecting the right merchant account, understanding fee structures. And ensuring compliance with card network rules. Startups or businesses with limited credit history may find it easier to work with an ISO that specializes in their industry, as these ISOs often have relationships with acquiring banks that are more lenient with underwriting criteria. Similarly, businesses in high-risk industries, such as travel, e-commerce. Or CBD sales, often rely on ISOs that have experience working through the unique challenges of these sectors.

ISOs also play a critical role when merchants need to switch processors or upgrade their payment systems. For example, a brick-and-mortar store expanding into e-commerce may require a payment gateway or virtual terminal, which an ISO can provide as part of a bundled solution. And merchants experiencing rapid growth may need to renegotiate their processing rates or upgrade their hardware, tasks that an ISO can help with. In these situations, the ISO’s expertise and relationships with acquiring banks and processors can save merchants time and money while ensuring a smooth transition.

Finally, ISOs matter when disputes or compliance issues arise. Because ISOs handle day-to-day merchant interactions, they are often the first point of contact for chargebacks, fraud alerts. Or PCI DSS compliance audits. A knowledgeable ISO can help merchants resolve these issues quickly, minimizing financial losses and avoiding penalties from card networks or acquiring banks. For this reason, selecting the right ISO is a critical decision for any business that relies on credit card processing.

How to Evaluate ISO?

Check if the ISO is registered with Visa and Mastercard by searching their official directories.
Review the ISO’s contract for transparency in fees, including interchange markup, monthly charges. And early termination penalties.
Ask for references from other merchants in your industry to gauge the ISO’s reliability and customer service.
Verify whether the ISO offers 24/7 support, particularly if your business operates outside standard hours.
Assess the ISO’s compliance record by checking for past violations or fines from card networks or regulatory bodies.

Related Concepts Compared

ISO vs. Acquirer

An acquirer is the bank that underwrites and holds the merchant account. While an ISO sells and services the account on the bank’s behalf.

ISO vs. Payment Processor

A payment processor handles the technical side of transaction authorization and settlement, whereas an ISO focuses on merchant sales, support. And account management.

ISO vs. Merchant Services Provider (MSP)

MSP is a broader term that can include ISOs, processors. And other entities; ISO specifically refers to organizations registered with card networks to sell merchant accounts.

Expert Note

ISOs vary significantly in quality and transparency. Some operate as true partners, offering tailored solutions and proactive support. While others prioritize volume over service. Always review the contract’s fine print, particularly around fee increases and termination clauses, to avoid unexpected costs.

Common Mistakes or Myths About ISO

Assuming an ISO is the same as the acquiring bank or payment processor.
Overlooking hidden fees in the ISO’s contract, such as monthly minimums or PCI non-compliance penalties.
Choosing an ISO based solely on the lowest advertised rates without considering service quality or support.
Ignoring the ISO’s compliance record, which can lead to account holds or termination.
Failing to confirm whether the ISO offers hardware or software compatible with your business’s existing systems.

ISO in Practice: A Real-World Example

A San Diego-based coffee shop wants to start accepting credit cards. The owner contacts a local ISO, which helps them complete an application and provides a credit card reader. The ISO submits the application to an acquiring bank, which approves the account. The coffee shop begins processing transactions, with the ISO handling customer service and billing. While the bank manages the financial risk and settlement of funds.

Sources & Further Reading on ISO

Visa Rules for Merchant Agents
Mastercard Rules for Independent Sales Organizations
Federal Trade Commission - Payment Processing Guide

Related Terms

Acquirer

Acquirer is a financial institution or bank that processes credit or debit card payments on behalf of a merchant. Acquirers enable businesses to accept card payments by connecting them to card networks, handling transaction authorization. And ensuring funds are deposited into the merchant’s account after settlement.

Payment Processor

Payment Processor is a financial technology company or service that acts as an intermediary between merchants, card networks. And banks to authorize, clear. And settle credit and debit card transactions. Payment Processors handle the technical and financial workflows required to transfer funds from a customer’s issuing bank to a merchant’s acquiring bank, ensuring transactions are secure, compliant. And completed in real time or near real time.

Interchange Fee

Interchange Fee is a non-negotiable charge set by card networks like Visa, Mastercard, Discover. And American Express, paid by merchants to the card-issuing bank for each credit or debit card transaction. This fee compensates the issuer for handling risk, fraud protection. And the cost of funding the transaction before settlement occurs. Interchange Fee varies based on card type, transaction method. And merchant category.

PCI Compliance

PCI Compliance is adherence to the Payment Card Industry Data Security Standard (PCI DSS), a set of security requirements designed to protect cardholder data during credit and debit card transactions. PCI Compliance applies to any organization that accepts, processes, stores. Or transmits payment card information, ensuring consistent security measures to prevent data breaches and fraud.

Questions About ISO

What is the difference between an ISO and a payment processor?

An ISO sells and services merchant accounts but does not handle transaction authorization or settlement. A payment processor manages the technical side of processing, including routing transactions to card networks and settling funds to the merchant’s bank.

How do ISOs make money?

ISOs earn revenue through residuals, which are ongoing commissions based on the merchant’s processing volume, as well as upfront fees for equipment or setup. Some ISOs also mark up interchange fees or charge monthly service fees.

How is ISO used in practice?

Yes, ISOs must register with card networks like Visa and Mastercard and comply with their operating rules. They are also subject to federal and state regulations, including anti-money laundering and consumer protection laws.

CreditCardProcessing-SanDiego.com

Have Questions About ISO?

Contact CreditCardProcessing-SanDiego.com for practical guidance on ISO and related credit card processing work in San Diego.

Contact Our Experts

What is ISO?