Hertz × Stripe: securing a $177M rental-payments contract

Verra Mobility operates the toll-management backbone for North America's largest rental fleets. Hertz needed a modern payments stack that could move from batch reconciliation to real-time authorization across millions of rental transactions, without disrupting the existing tolling experience or breaking the FISERV-based path that was still live in production.

Hertz is Verra's largest rental-car customer, and more than 95% of Verra's Hertz revenue ran through merchant-processing integrations. So when Hertz committed to migrating off FISERV onto Stripe, the entire $177M contract rode on whether Verra could meet them there.

Verra's credit-card system had to ingest both FISERV and Stripe tokens simultaneously. Hertz wasn't going to flip a switch; they were going to cut over location by location across a year. That meant a single rental-return file could carry either token type, and the billing engine had to route correctly without breaking the FISERV path that was still generating the majority of revenue.

The integration also had unforgiving edges: Stripe's tagged-refund constraint (no goodwill refunds the way FISERV handled them), MIT cloning across Stripe Connect accounts (platform vs. standard) that had to preserve network transaction IDs and original charge amounts for card-brand compliance, a 22-character DBA-name ceiling on dynamic descriptors, and a chargeback workflow that needed ChargeID (not the existing Merch Ref Id) to round-trip back into the tolling billing engine (BPA). None of those could be hand-waved in a deck.

• Owned PRD and roadmap across authorization, capture, refunds, chargebacks, and the dual-token (FISERV + Stripe) ingest path.
• Broke a sprawling vendor program into 5 sequential stage-gate projects, each with its own exit criteria. That turned a year of ambiguity into five decisions Verra, Hertz, and Stripe could converge on.
• Drove the file-layout contract with Hertz and Stripe: tokenization status, first-6/last-4, card brand, client ID + payment method ID, network txn ID, original charge amount.
• Mapped Hertz's auth response codes (521, 522, 523, 502/503, 504, etc.) into Stripe's standard decline categories (EXPIRED, INVALID, STOLEN, SUSPECTED-FRAUD, DECLINE) so BPA and TollKeeper could keep their own hard-decline rules.
• Negotiated the Stripe Connect model with the Stripe partnership team: platform account vs. standard connect account, customer/PaymentMethod cloning, Card Account Updater for cloned cards.
• Stood up the chargeback redesign with the dispute operations and Business Process Automation (BPA) engineering teams: ChargeID-based reporting, a new endpoint so BPA could pull charge data, and a Stripe dashboard role for the dispute analysts.
• Defined the pilot → cohort → fleet-wide rollout (OKC HLE first, then DEN HLE, OKC airport, then TUL/TPA/DEN/DFW airports, then Hertz.com) with explicit go/no-go gates and the Memorial-to-Labor-Day release freeze built in.

• Stripe-backed authorization, capture, and tagged-refund flows wired into Verra's on-prem OCS credit-card system and the BPA / TollKeeper billing engines.
• Dual-token rental-return ingest: FISERV and Stripe tokens flowing through the same file pipeline, with file-level tokenization metrics (total / valid / missing / non-industry / invalid / error) reported daily.
• Four MID setup across USD and CAD (Business Services + Tolls & Bridges), with the 22-character statement descriptor ("HERTZ TOLL RA*") and shortened "HERTZ TOLL" descriptor agreed with Hertz and the card brands.
• Chargeback workflow rebuilt around Stripe's dispute dashboard plus an API-driven evidence-submission path, with a new BPA endpoint that uses ChargeID for every charge going forward, not just Stripe ones.
• Phased US rollout: Hertz.com + e-commerce with Apple Pay (Phase 1.0) ahead of the in-person / counter Stripe Terminal path (Phase 1.1), with periodic settlements landing before large airports to avoid Stripe's 30-day auth auto-reversal.
• TSD multi-account support for cloned-fleet (multi-brand) locations once Stripe Terminal Multi-Account shipped.

• $177M Hertz rental-payments contract secured.
• Enabled Hertz to fully sunset FISERV and complete the migration onto Stripe on schedule.
• Delivered the integration as 5 sequential stage-gate projects, giving Verra, Hertz, and Stripe a shared timeline instead of competing scopes.
• Chargeback and Stripe tagged-refund edge cases mapped before engineering committed.
• Final phase (Project 5) reached Stage 5 exit by 2024; Hertz fully sunset FISERV on schedule.

Three things made this win repeatable. One, dual-rail by design: the file pipeline had to carry FISERV and Stripe tokens in parallel, not in sequence, because the cutover ran a full year. Two, stage-gating a sprawling vendor program into five projects with their own go/no-go criteria turned a year of ambiguity into five decisions. Three, the chargeback, tagged-refund, MIT-cloning, and decline-code-mapping edge cases got mapped before engineering committed, not after. That's why we had zero SEV-1 regressions on rollout.

The lesson I take into AI work now: regulated, vendor-heavy, multi-stakeholder programs close on technical credibility, not narrative. Get the file layout right and the deck writes itself.

The contract closed because the platform answer was credible at the file-format and decline-code level, not because of a deck. The unlock was sequencing the dual-token cutover and the stage-gate exits so commercial could push on price without engineering scope slipping underneath it.