Unlocking success: The ultimate guide to mastering virtual card locks and subscription management.

The use of subscriptions and recurring payments is at an all-time high and is forecast to grow even more. For enterprises, it is crucial to manage these services in a compliant way.

Mazepay ensures a secure subscription and recurring payment management with each virtual card locked to a subscription.

‍

Virtual card locks to subscriptions

When we created Mazepay, security and compliance were among the essential things, which is why approval before purchase plays a vital role in our solution. What would a pre-approved amount mean if it could be spent on anything? Theoretically, a plastic card with a higher spend amount for multiple charges can be exploited. That is why Mazepay is built on the infrastructure of virtual cards. When a recurring virtual card is issued, it will be locked to that subscription(*) after the first charge, meaning it cannot be used for other spend.

Besides compliance, this has many other advantages; e.g. transparency and easy management.

(*) When talking about a virtual card being locked to a subscription, we discuss SaaS subscription services, social media campaign accounts, cloud service accounts or merchants. Different providers have different ways of handling payments; we identified four use cases, which we will explain in detail. For simplicity, we use the term subscription as an umbrella term for the different use cases.

‍

‍

Benefits of subscription-locked cards

‍

‍

Compliance

One virtual card, one subscription. Software-as-a-service purchases remain within the approved budget; new items and services can only be purchased with another approval. The virtual cards cannot be handed over to colleagues for additional items or purchases.

‍

Transparency and control

Finance can easily match the transactions with the ongoing services, identify subscription owners, and move ownership or cancel a subscription.

‍

‍

Budgeting tool

Setting budgets for teams, employees, or campaigns is easy with spend limits and the card's expiry date. It is easy to see spend, revoke cards and allocate resources from one campaign or team to another.

‍

‍

Best practices and use cases

For the best user experience, we collected some best practices and selected some use cases to help you get the most out of Mazepay.

‍

‍

SaaS subscriptions

A convenient and broadly used model for software and other digital services. Many businesses use them; however, they are only easy to follow and control with the right tools. You can easily control this convenient model with virtual cards supported by Mazepay's end-to-end process.

Depending on annual or monthly charges, and team or individual subscriptions, we recommend the following way of requesting and using the cards to remain compliant.

‍

‍

Annual charges

The best way is to request a single-use card, as this is a single annual payment.

‍

‍

Monthly/other charges

We recommend requesting recurring virtual cards for the planned period. Be mindful that the virtual cards will expire after twelve months.

‍

Social media subscriptions

‍

Running campaigns on different social media platforms is a must for almost every company. Navigating between the payments, however, can take time and effort.

Social media billing is usually set up with the option of adding one payment method at a time for an account; this can interfere with the approvals, so we recommend creating separate accounts for each parallel ongoing campaign for the most compliant use and transparency. This way, the cards can be used as budgeting tools; each campaign only runs until their spend limit has been reached and can be stopped by revoking the card.

Here we break down the two most used platforms individually:

‍

‍

LINKEDIN

‍

In the LinkedIn campaign manager for one LinkedIn ad account, only one payment method can be added. However, you can create multiple LinkedIn ad accounts for the same LinkedIn page.

Each LinkedIn ad account can have its own payment method added, so we recommend creating an ad account for each running campaign, that way, their spend can be easily controlled.

‍

Resources:https://www.linkedin.com/campaignmanager/accounts/new

‍

‍Create an Ad AccountIn order to advertise on LinkedIn, you'll need to create an ad account in Campaign Manager. An ad account allows you to create and manage advertising campaigns, view performance reports, and manage account assets such as Matched Audiences or conversion tracking.You'll also be able to manage the billing separately for each ad account you create. Depending on the size and scale of your advertising needs, you may need to create multiple ad accounts. Learn more

‍

‍

FACEBOOK

‍

In the Meta ads manager, you can add multiple payment methods for one Facebook ad account. However, in these cases you need to choose a default payment method, and that will be charged for each campaign. When it cannot be charged, the other methods work as a fallback.

Each Facebook ad account can have its own default payment method added, so we recommend creating an ad account for each ongoing campaign, that way, their spend can be easily controlled.

‍

Resources:https://m.facebook.com/help/132073386867900https://m.facebook.com/help/105373712886516

‍

‍The new payment method is added to your existing ad account.If you have multiple payment methods saved to your ad account, you can set a default payment method. We'll charge your default payment method first when you make a payment for your ads.If you share your payment method or ad account with others, make sure to check with them when you don't recognise the charges on your bill. It's possible that someone you've shared information with has run ads using your payment method or ad account.

‍

‍

Cloud services

‍

Similar to social media platforms, we recommend creating individual accounts, but here, for each service. Cloud providers often have different merchants for each service, meaning that one card already locked to a service cannot be used for the same provider's other services.

We break it down into two examples below:

‍

GOOGLE

‍

In Google Cloud, you can set up several accounts for different services. For this, Access Management Roles can be used.

We recommend for each role and each service and their renewals request an individual multi-use card.

‍

Resources:https://cloud.google.com/billing/docs/how-to/payment-methods

‍

‍In Google Cloud, you can set up a self-serve, online Cloud Billing account and use it to define who pays for a given set of Google Cloud resources. You use Identity and Access Management (IAM) roles to control access to a Cloud Billing account.A Cloud Billing account is connected to a Google payments profile. The Google payments center is a Google-level resource that includes the payment instruments to which costs are charged. These payment instruments pay for the charges you incur when you use Google Cloud resources. Since the Google payments center is a Google-level resource accessed and managed outside of Google Cloud, you manage the access permissions for your Google payments profile separately from the access permissions for a Cloud Billing account.If you have the necessary permissions, you can interact with your Google payments profile from within the Google Cloud console (as described below) or at payments.google.com.

‍

‍

AWS

‍

For AWS, we recommend setting up individual payment profiles for each service and requesting individual multi-use cards for these.

‍

Resources:https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/manage-paymentprofiles.html

‍‍

You can use payment profiles to assign payment methods that are different than your default payment method to pay your invoices automatically. If you receive invoices from more than one AWS service provider ("seller of record"), use payment profiles to assign a unique payment method for each one. After you create a payment profile for a service provider, your payment profile pays your AWS bills automatically. It does so using the currency and payment method that you specify.Payment profiles are useful in avoiding situations such as incomplete payments, failed subscription orders, or unprocessed contract renewals despite having a valid default payment method. By using payment profiles, you can do the following: - Use different payment methods for different AWS service providers. - Customize your payment preferences for your AWS Organizations member accounts that use different service providers. - Always have valid payment methods for your automatic bill payments. - Avoid service interruptions and incomplete balances.

‍

‍

None periodical recurring payments

‍

The final category is none periodical billing, delivery services, volume-based billing, etc. We recommend requesting a recurring virtual card for each individual service, set up with a spend limit that matches the expectations of the period.