Taking Credit Card Payments Online

By David Eedle |  Email This Post

There are a great many resources online helping you to make money on the internet. What they don’t always help you with is taking money on the internet. This post is an overview of some of the ways you can charge customers money via their credit card on your web site.

I can remember clearly the first time I implemented a credit card payment system online. It was 2000 (lord, 10 years ago) for our internet business Arts Hub. Back then PayPal was in its infancy. No banks in Australia offered a customer facing online credit card system. After a little research I came across a Melbourne-based company called eFirst who had built an interface to the Camtech payment gateway, which these days is called payments.com.au (I still have several clients who use them). To implement a Camtech solution required a fair amount of technical expertise, and I seem to remember, may not even have been available to tiny little businesses like us. The eFirst system required installation of software on our web server, althbough that later changed to become an XML-based system, making life an awful lot easier. But I’ll spare you the geek stuff, this article is intended as a primer for web site businesses, not programmers.

I’ll cluster payment services into three main levels of complexity:

1. Self contained
2. Partial Integration
3. Full integration

Self Contained

The self contained services are complete payment systems, requiring you to do nothing more than add a ‘Buy Now’ button to your web site. They handle all the data and processing, leaving you with the sole task of checking your bank account every so often to check how much moola has been deposited.

PayPal is probably the most well known online payment service in the world, thanks in part to their aquisition by eBay in 2002, which led eventually to being the exclusive payment option on eBay’s auctions.

PayPal’s ‘Buy Now’ button system is simple to implement. You need pretty much zero technical skill, other than knowing how to copy and paste. There’s no complex application process, your credit rating is immaterial and they don’t care if your bank manager won’t return your phone calls.

You place the Buy Now button on your web site, the button code contains a couple of special indentifiers, so when a customer clicks it, they are taken to PayPal’s web site. The customer pumps in their credit card details (or utilises their existing PayPal account), the money is credit to your account and everyone receives notification emails.

The Buy Now button system has been expanded over the years to include the ability to use PayPal as a shopping cart, so customers can add multiple products into a shopping cart and pay for them as a single transaction. There is also a subscription system, so you can charge customers a recurring payment.

The self contained services are dead simple, require no technical expertise, and you’ll be receiving money within hours of going live.

As a comparison to PayPal, have a look at Google Checkout.

Many banks these days also have online payment page systems available to the banks customers. They tend to be simple, but as they are operated by your bank customers presumably tend to regard the transaction as safe.

The self contained services are complete payment systems, requiring you to do nothing more than add a ‘Buy Now’ button to your web site.

Partial Integration

After a while using the self contained systems you discover that you just don’t have enough control over your data – starting with the customer details. What you really want is to maintain a list of your customers on your web site, and record transaction information against their accounts. The most common example of this is online shops – if you sell products online you need to ensure returning customers don’t have to endure the rigmarole of re-registering everytime they purcahse. Plus wouldn’t it be nice if you had access to your customer list for marketing purposes, to send out promotions and offers?

Most off the shelf shopping cart software products provide integration to a variety of online payment services including:

1. PayPal
2. Google Checkout
3. Amazon Payments

All of the shopping process is managed by your software, until the customer clicks to pay and check out. They are transferred to the third party payment system’s web pages, where they make the payment, then they are immediately returned to your web site. So while the customer has seen a web page jump, they do eventually wind up back on your site – for example to see their ‘Thanks for Shopping with us’ message.

1. Behind the scenes the third party system is also transferring data to you. Typically I implement these systems like this:
2. Customer selects product(s) and adds to their shopping cart. The cart is a part of my website’s software
3. The Customer clicks to check out. I capture their user details, or ask them to log in if they are a returning customer
4. I store their details temporarily and jump them off to the third party’s payment page
5. When the customer returns back to my web site I then update my database with their details, information about the transaction and so forth

Full Integration

A full integration is where the customer never leaves your web site to complete the transaction. The customer enters all of their information, including their credit card number into forms on your web pages. Your software interacts with an online payments system behind the scenes to exchange data with the payment gateway. The intent and overall effect is a completely seamless experience for the customer.

Some shopping cart systems offer this kind of full integration, but otherwise it is often achieved via custom written program code. I’ve used a number of these systems, including the PayFlow payment gateway system from Verisign – which now is owned and branded to PayPal.

A key reason why many web sites use self contained or partial integration payment systems is security. Whilst you might be handling some personal details on your web site, you are not touching the actual payment, including the customer’s credit card details. These are requested by, and processed on, the third party’s web site, leaving much of the security issues in the hands of the third party.

This is a huge issue. It is critical that customers have complete confidence in the security of their credit card and payment information. You only need one breach of security to undermine your market’s trust. So we hand off their trust to PayPal, Amazon or Google – brand names customers know well.

If you opt for a full integration, security becomes paramount. You must have a Secure Sockets Layer (SSL) certificate, so that the data exchange between the customer’s web browser and your web server is encrypted. These are the web page URLs that start with ‘https’ instead of ‘http’. You also must implement high levels of security in your program code and accompanying hardware systems to mitigate against people hacking into your database and stealing the payment details. There have been many high profile thefts of credit card numbers from some major companies – you must not be one of them. The potential damage to your reputation and business is obvious.

Using services such as PayPal and Amazon to process your payments has a significant upside in addition to security – they look after the merchant account facility you otherwise would need to maintain. Normally a business that wishes to accept credit card payments must open a merchant facility with their bank – usually for Mastercard and Visa. In addition, if you also want to accept Diners and American Express you also have to apply to those companies for an account.

Many credit card companies are still extremely cautious about internet payment transactions, they are concerned about the potentail for fraud and other problems. And so often they require you to lodge a security deposit, each provider has a different equation to calculate the bond amount, but in essence they are seeking to insure themselves against the possibility of a problem arising – for example, fraudulent transactions, or your business going out of business with products or services left unfulfilled.

I remember when we tried to open a merchant facility with Barclays Bank in the UK for Arts Hub many years ago, they asked for a £40,000 bond, an amount that was completely out of the realm of possibility. Instead we signed up with WorldPay, an online payment system that allowed us, as an Australian company, to charge people in the UK in pounds sterling – and also conveniently, Euros. In more recent times I worked with a local company that sells action and adventure experience gift vouchers online. We looked at changing their merchant facility from one bank to another to take advantage of a better online transaction gateway software product, but were thwarted by the new bank’s insistence on a $A250,000 security deposit.

Payment providers such as PayPal and Google make life easy for the online retailer. Their one drawback from my point of view is cost. The convenience they offer comes at a price, through relatively high transaction and merchant fees – and these are expenses you pay.

High volume sites will need to look to the fully integrated, large volume systems such as the PayFlow gateway from PayPal. It will have higher set up and running costs, but you win through lower transaction fees.

What to choose?

So what systems should you choose to accept online credit card payments. Here are my tips:

1. You have a couple of physical products, or you have a content subscription business just launching or early stage.

Go with PayPal. You can open a merchant account with PayPal in ten minutes, copy and paste their Buy Now or Subscribe Now buttons and be selling in no time.

2. You have an electronic product such as an eBook

Go with PayPal but in conjunction with eJunkie. eJunkie handles the shopping cart part of the equation, and the delivery of the digital product. It integrates well with PayPal. I’m not a big fan of the eJunkie management interface, it’s old fashioned and clunky. But it does the job.

3. You have a bunch of physical products to sell, your web site is essentially a shop

Go with a shopping cart system that integrates with one of the main payment gateways such as PayPal, Amazon or Google.

Niche Content Millionaire is a downloadable eBook that tells you the true story how we made millions from subscription content and membership websites. Buy Niche Content Millionaire Now

Join our Mailing List

We’re all about creation and distribution of successful blog and website content. Subscribe now and receive latest updates via email. Name: Email:

Bookmark: