Posts Tagged ‘payments online’

Integrating Payments Into Your Website

Monday, July 5th, 2010

In my last post I outlined the basics of taking payments online and how to choose a payment provider. This time we look at what you need to do once you have chosen your payment provider: the ways you will integrate payments into your website.

1. Integration options

I have integrated most of the major payment engines and they all work differently but in principle there are two main methods:

Form Integration

This is the way that most websites integrate with a payment provider and is usually the only option if you are using eCommerce software. The basic premise is that you process the order on your site all the way up to the point the customer pays. At that point your customer is redirected to your payment provider’s secure payment page where they enter their credit card. The customer is then directed back to your website once they have completed their payment.

Pros:

  • Very simple to do (most eCommerce software will do this for you)
  • You do not need to store or process credit cards
  • Customers may feel more secure as they are on a separate secure site

Cons:

  • It can give a less professional or smaller shop feel
  • Less design control over the checkout process
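The step that matters most for security in form integration is the return leg: the customer's browser carries the result back, so your site should only mark an order as paid when the provider's response can be authenticated and matches the order you stored before the redirect. The following is an added example, not code from this post or from any provider's API; it assumes a hypothetical provider that signs the return parameters with HMAC-SHA256 using a shared secret, and the field names, secret and sample values are constructed for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode

# Assumption: secret shared with the provider (constructed demo value).
SHARED_SECRET = b"constructed-demo-secret"
SIGNED_FIELDS = ("order_id", "amount", "currency", "status")


def sign(params):
    """HMAC-SHA256 over the signed fields, length-prefixed so that a value
    cannot be crafted to blur the boundary between two fields."""
    msg = "".join(f"{len(params[k])}:{params[k]}|" for k in SIGNED_FIELDS)
    return hmac.new(SHARED_SECRET, msg.encode(), hashlib.sha256).hexdigest()


def verify_return(query_string, expected):
    """Accept the customer's return only if the provider signed it and it
    matches the order stored on our side before the redirect."""
    params = dict(parse_qsl(query_string, keep_blank_values=True))
    if any(k not in params for k in SIGNED_FIELDS + ("sig",)):
        return False
    # Constant-time comparison of the recomputed and the supplied signature.
    if not hmac.compare_digest(sign(params).encode(), params["sig"].encode()):
        return False
    # A valid signature is not enough: it must be for this order and amount.
    return params["status"] == "paid" and all(
        params[k] == expected[k] for k in ("order_id", "amount", "currency")
    )


def provider_return(order, status):
    """Stand-in for the hypothetical provider building the return query."""
    params = dict(order, status=status)
    params["sig"] = sign(params)
    return urlencode(params)


# Constructed sample data: the order as stored before the redirect.
ORDER = {"order_id": "A1001", "amount": "49.99", "currency": "GBP"}
GOOD = provider_return(ORDER, "paid")
EDITED_AMOUNT = GOOD.replace("amount=49.99", "amount=0.01")
EDITED_STATUS = provider_return(ORDER, "failed").replace("failed", "paid")
OTHER_ORDER = provider_return(dict(ORDER, order_id="A1000", amount="0.01"), "paid")

if __name__ == "__main__":
    for name in ("GOOD", "EDITED_AMOUNT", "EDITED_STATUS", "OTHER_ORDER"):
        print(name, verify_return(globals()[name], ORDER))
```

Each provider defines its own response format and authentication method, so the signing scheme here has to be replaced with the one in your provider's integration guide.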

Integrated

In this method you take payments on your own site and pass them securely to your payment provider. The customer never leaves your site.

Pros:

  • Perceived as more professional by customers
  • A more streamlined checkout process
  • More control over the design and workflow of the checkout

Cons:

  • You will need to be PCI compliant (see below)
  • You will need to have a secure method of storing credit cards
  • You will need an SSL certificate (Secure Sockets Layer; this is what gives you the lock icon in your browser)

2. What about PCI compliance?

If you take payments online (or offline for that matter) then you need to be aware of PCI compliance. The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. In other words, if you process payment cards, you need to make sure you keep the customer’s card information safe during the process.

There are different levels of compliance depending on how many transactions you process per year. Most merchants will fall into the lowest category which is level 4 (fewer than 20,000 transactions per year) and for this there is a self-certification questionnaire that needs to be filled in and the possibility of a scan of your site to determine any vulnerabilities. The higher the level the more work (and potentially an audit) there is to comply.

The key thing to remember is that if you take credit card payments in any form you need to be compliant. If you want to learn more, this site is a great place to start: http://www.pcicomplianceguide.org/pcifaqs.php

3. Should I use 3D secure?

First of all, in case you do not know what 3D secure is: Verified by Visa and Mastercard Securecode help to protect customers’ cards against unauthorised use when they shop online by requiring them to enter a personal password each time they buy. The customer only needs to register once to create a password for each credit card they own.

There is no right or wrong answer to whether you should use 3D secure or not. Personally I like it as it means lower per transaction costs and less fraud. I think eventually that it will be mandatory for all online transactions so you may as well use it sooner rather than later.

Pros:

  • Less fraud (which means less costly chargebacks)
  • Lower transaction costs with your payment provider
  • Makes the buyer feel more secure

Cons:

  • It is an extra step for the customer to complete which increases the risk of them abandoning their purchase
  • It is another password for them to remember (or perhaps forget)

That is the quick introduction to payments online. If you have any questions, please add them in the comments.

Taking Payments Online For eCommerce

Wednesday, June 16th, 2010

Continuing with the eCommerce theme I thought I would review the various options for taking payments online. For the people who have never taken payments online, first an introduction.

1. What do you need to take payments online?

If you are new to taking payments this actually is more complicated than you might think. To accept online payments you need:

  • A payment processing service (PSP) or ‘payment gateway’ – this service collects and sends payment details to the banking network.
  • An internet merchant account (IMA) – All the payments you receive are paid into your merchant account before being transferred to another business account.
  • A personal or business bank account where the funds from the IMA are transferred to.

Some providers provide just a PSP service so you need to source a separate IMA but I am going to concentrate the rest of the article on those providers that supply both services together.

2. How do you choose a payment provider?

There are lots of players in the market and a lot of choice, so what sorts of things should you be looking for? My personal criteria for selection are the following:

  1. Reliability – how reliable is the service? PayPal has suffered in the past from a bad reliability record, and if your payment provider is down then you cannot take payments. If you are a high transaction business this can cost you a lot of money.
  2. Integration options – what are the different options to integrate payment onto your site? Can you take payments on your own website or do you have to redirect to the payment provider’s site?
  3. Support – how good are their support teams, what hours are they available, ecommerce is a 24/7 business.
  4. Fees – what is their charging structure, do they offer volume discounts for large numbers of transactions? Fees vary a lot and a few % per transaction can affect your margins.
  5. Perceived quality to the customer – if you use a well respected brand for payments this perceived quality will help put your customer’s minds at ease.
  6. Fraud protection – what steps, procedures and tools do they offer to reduce fraudulent transactions?
  7. How quickly funds are released – some providers hold funds for as long as 30 days which can hurt your cashflow.
  8. Reporting – how easy is it to run reports for your business reporting?
  9. Ease of use – how easy is it to issue refunds or check charge backs?

Other less important criteria might be:

  • Can you take payments over the phone?
  • Can you take multiple currencies?
  • How much do they charge for fraudulent transactions or charge backs?
  • Do they accept recurring payments (repeat transactions for subscription sites)?
  • Do they accept PayPal payments? The large payment providers now accept PayPal as well as credit cards.
  • How customisable are the payment pages?

3. What will it cost me? Who are the main players?

The total cost of accepting payments is the combination of payment processing charges (per transaction) and the internet merchant account (usually a fixed monthly fee). There will also be one-off set-up costs and add-ons for extra fraud protection etc.

The per transaction costs vary quite a lot and depending on the volume of your business can be negotiated.

A lot of the best payment providers only cater to US businesses. In the UK the main players are:

  • SagePay – formerly Protx and now owned by the accounting software company Sage. They offer a range of integration options at no extra charge, and they are personally my choice of payment provider.
    • £20 per month
    • Per transaction costs of 2.5% for credit cards and 40p for debit cards
    • No set up fees
    • No minimum contract term
  • RBS WorldPay – recently purchased by RBS and offer a superb, reliable service with great technical support. They are also a great choice if you do not have a lot of trading history and need to be up and running quickly. The downside for me is that the payment pages cannot be customised as much as I would like.
    • £15 per month
    • 3.35% per transaction + 15p per transaction
    • £75 set up fee
  • PayPal – have a long history taking payments and a brand that consumers trust. In my experience they are not as reliable as other services, testing your service is harder than it should be and the consumer experience is not as good as the previous choices.
    • £20 per month (or they have a free option if you do not want to take payments on your site)
    • Transaction charges are 1.4% – 3.4% plus 20p, depending on sales volume
    • No set up fees

The high street banks also have solutions, Barclays have ePDQ and HSBC have a solution (which when I last used it was very cumbersome to integrate).

So that is the quick overview to taking payments online. Next week I will be going through the various ways to integrate payments into your site once you have chosen a provider and what that means for your business.