Payment gateways for e-commerce -how do they work
E-commerce security issues can appear in many places. They are possible every time something moves. First, there’s an interaction between the buyer and the merchant. There’s an interaction behind the scenes between the merchant and the banks. The banks also interact between each other. And possible security issues can appear on the merchant’s server on in the bank’s software.
Anytime you buy something online or you want to send sensitive information across the web, you should do it only through Https pages. They use a protocol called SSL which encrypts the message between your home computer and the merchant’s server. The normal Http website connections are done by sending and receiving the data in plain text. This is why the Http requests can easily be intercepted by third parties.
Transparent to the end user a set of complicated transactions take place at the back end. The end user enters the goods in the basket and proceeds to checkout. They place the order and are presented with the merchant site for card details. Card details are entered and through a complex process the transaction is verified and then authorised. At the same time available funds are checked for authorisation. It also simultaneously goes through a process of fraud screening from the card issuing bank as well the acquirer bank before being authorised. Settlement then takes place over the next few days. All payment gateways need to be secure and should be PCI-DSS level 1 compliant. They also should have a robust infrastructure with high availability and response time, with a 24/7 system support.
Any time you withdraw money from an ATM, you have to enter a PIN code. This is an additional protection system for the offline world. The equivalent of the ATM’s PIN in the online world is a new technology called 3d Secure. It was first used by Visa and it provides an additional security layer that protects you from online fraud.
You need to ensure that the payment gateways are PCI compliant.
Payment gateways for e-commerce- providers in UK
There are many payment gateway providers that operate across the globe.
Sage Pay claims to operate more than 1000 online and on the phone transactions per quarter. To use the service you need a merchant ID. Plus you can use the service along with your Pay-Pal account.
Away comes with an innovative offer. It offers merchants the option to pay per hour. It’s like buying cloud services that power your web application and you pay the actual resources that your app consumes.
Other notable ones are Secure Hosting and Payment(securehosting), Skypay universal payment gateway, Paypoint.net, Universal Payment Gateway(UPG), eway and many more complete solution providers.
Types of payment gateways for e-commerce
There are payment gateways that require a merchant account and others that do not require one. Those that do not require a merchant ID usually have higher fees and no or low setup fees.
Payment gateways for e-commerce can be installed either on your server or on your bank’s server. If you want to do it in-house, you need to pay more in the beginning and you need to take additional measures for security purposes. But one of the big advantages is that the customer’s credit card details are stored in your own database.
The first type is an API (Application Programming Interface) which is transparent to the customer, works in the background and talks to the shopping cart. The customer does not see the payment gateway website. This is the preferred option as it is transparent to the consumer rather than the consumer being transferred to another site at the crucial moment of the transaction taking place.
The second type are third-party payment gateways, the consumer starts the checkout process on one site but before the transaction is complete is transferred to the second which is a payment gateway site, though simple to setup, not a very customer friendly process, and you may loose a few sales. Some third-party payment gateways allow you to customize the page design.
The third sort are integrated payment gateways. In this situation, you do not require a merchant account from your bank – the payment gateway does everything. For start-up businesses, this can be an easy start. Generally the fees are higher for an integrated services, but the trade-off is convenience for the shop owner. The best known integrated gateways are PayPal and 2Checkout.
There are many well-known online payment systems. The following are the most important.
Authorise.net lets you accept online credit card payments. Before using the service you have to pay setup fee. You will also pay a monthly fee and a per transaction fee.
Pay-Pal is the most popular and it’s extremely easy to setup. The fees vary based on your monthly transaction size.
Google Checkout was created as an alternative to Pay-Pal. The fees are a little bit lower but fewer people use it compared with Pay-Pal.
Amazon Payments is an alternative to PayPal and Google Checkout. It can also be used from your web application.
Dwolla is a service that lets you send money to the people you know. The fee is $0.25 for each transaction bigger than $10. The service is available at the moment only in the United States.
Stripe is aimed at developers who develop web applications and websites.
From a cost perspective, it makes sense to pay for payment gateways for e-commerce, if you sell tens of thousands of dollars worth of products each month. In this situation, it’s a smart idea to get your own merchant ID and go for a payment gateways for e-commerce system. If you sell millions of dollars worth of products on an annual basis, you should get your in-house payment gateway system or simply go for a solution provider.
How to choose payment gateways
You must check if your shopping cart supports it, the software programming and interface to talk to the system is normally done by the solution provider. Most shopping carts support numerous gateways, do check the list on your shopping cart vendor’s site.
Different payment gateways will support different features, The most common features are fraud detection. You may pay extra for this, but it could be worth it. Virtual terminal is another feature you may desire, you can log in and manually process transactions among other things, if you do phone orders, a virtual terminal may be important. Recurring fees Vs a monthly subscription is a number of transactions based decision. Fees, the payment gateway charge are important,it might include a setup fee, monthly/yearly fee, fee per transaction (fixed or percentage), withdrawal fees , charge back fees, fraud detection fees and quite a few iterations. Also account for accepting foreign currency or not to accept foreign currency.
Setting up a Gateway
On signing up, you will get a customer ID, API key or similar, go into the shopping cart, choose the payment gateway you’ve signed up and enter the details provided.
There’s usually a testing phase. This means the shopping cart will be integrated with the payment gateway talking to it, but will not process the transaction. Some have a special credit card number for test mode (Visa card 4111 1111 1111 1111 is a popular one) – check with your payment gateway for details.
Choosing a payment gateway can be tricky. But apart from sign-up fees , it’s not too hard to switch if you are unhappy. With easy integration and low barriers to switching, it is a buyer’s market.