Guide to Online Payment Acceptance – Part 3By Matt Mickiewicz and Jim Conley
If you read last week’s instalment, you might think that there are only two options to process online payments. But there is a third option… well, sort of.
The "Other" Option â€“ No Merchant Account Required
If you have little cash on hand, or sell a limited number of products, you can try one of the alternate processing companies (called third party processors). Instead of paying setup fees, transaction fees, statement fees, discount fees and the like, you’ll simply pay 10-20% of the sale price of each product. We don’t recommend using these companies in the long-term. They’re excellent if you are just starting out and you don’t need the cash from sales right away (CCNow, for example, withholds part of the proceeds from a sale for up to three months to protect against chargebacks) but in the long run they will end up costing you a lot more.
Once you’ve generated enough capital to support a real merchant account for your company, get one. If you’re a non-US based business, the best way to go is to use a 3rd party processor, at least until the cost for a real merchant account drops. Many of the companies below support both US and Non-US based businesses:
Chargebacks and Fraud
Chargeback – the word that Internet merchants fear. A chargeback is when a transaction is reversed. In other words, rather than adding money to your account, it is deducted. Chargebacks can occur for a wide variety of reasons, such as double-charging, credit card expiration, bank errors, and customer disputes. If your Merchant Account incurs too many chargebacks, there’s a possibility that you will loose your account. Once this happens you’ll be placed on the Visa/MasterCard MATCH list for several years. All Merchant Account Providers have access to this list, and if they find your name on the list, they’ll usually decline to issue a Merchant Account to you. But if you’re one of those merchants who have lost their Account, there’s still hope. Bank Card Law specializes in helping companies who’ve lost their Merchant Account due to excessive chargebacks.
Here are some tips that can help eliminate chargebacks:
- On your order confirmation page, make a note to the customer as to the name (phone number, email address, etc.) that will appear on their monthly credit card statement.
- Also include a note about these details in the email confirmation that your customers receive when an order is placed (they do get one don’t they? If not, they should… it’s good for keeping records).
- Use Address Verification. People who order products with a stolen card number will never use the real cardholder”s billing address, so this is your chance to stop the order before its too late!
- Scrutinize orders from foreign countries. A large percentage of fraudulent Internet purchases are made from Indonesia, Russia, and other eastern block and developing countries.
- If an order seems suspicious, call or email the customer and attempt to verify anything you can about them. Pay attention to strange orders and then follow up.
- And lastly, if you ship a product, attach a note to the customers invoice.
And always keep copies of transactions, so that, if you’re ever challenged, you have some kind of defense.
Unfortunately, online credit card fraud is very prevalent on the Internet. The best thing that you as a merchant can do to reduce the cost of fraud is to be informed. I highly recommend that you dedicate several hours to the exploration of the Websites below, and to the implementation of as many of the suggested strategies as possible within your ebusiness:
- AntiFraud, includes list of over three thousand domains that are used for free email, and which can conceal the identity of the real customer.
- Internet Fraud Watch
In almost all cases, you’ll be held responsible when a fraudulent credit card is used on your site, and you will be charged for the sale. Alas, authorities are unlikely to get involved in a fraud case unless very significant amounts are involved, although you should not hesitate to report each and every case of fraud that occurs.
Secure SSL Certificates
Of course you’ll need a company to host your Website, but if you decide to process credit card orders, you’ll need a host that can provide a secure server. In many cases the hosting company will provide you with a secure server for free, but in other cases you may have to pay up to $10 per month on top of your normal hosting charges for the secure service.
If you want to use your own domain name as a secure server rather than your hosting company’s domain name and certificate, you’ll need to purchase your own certificate from either Thawte or Verisign, which will cost between $125 and $350 a year. EquiFax is another secure certificate issuer – they can issue a certificate for your site for only $99.
So how does a secure certificate work? A secure server is a Web server application that ensures secure information transfer between a Web server and a Web browser. The encryption is done with a protocol called SSL (Secure Socket Layer). When you connect to a secure server with your browser, the server and the browser use Secure Socket Layer to tell each other how to encrypt the information – then they can securely exchange the data. For example, encryption will allow you to send credit card information to a secure server without anyone being able to identify what kind of information it is.
So, the first task that a secure server completes is the encryption of your information. However, it also does a whole lot more. The most important task a secure server performs is to identify itself to the browser, which it achieves presenting a digital certificate to those browsers who request a secure connection. The certificate works for a secure server the same way as a driver’s license works for you, except that it’s much more difficult to fake.
All of the above happens absolutely transparently for the person who’s browsing the site. Their browser just tells them that the secure connection was established and then shows the page. The most important thing from an Internet merchant’s perspective, is that this gives your customer more confidence, and convinces them that their order information will be transferred to you safely and securely.
Shopping Cart Software
Once you have a secure server up and running, you’ll need a shopping cart, which will display the order forms, store orders, and calculate costs. In addition to ensuring that your shopping cart will work with your Real-Time gateway (if you decide to process credit card orders in Real-Time), you should look for several other prime features:
- ease of installation and quick execution
- customizability so that the pages that are generated by the shopping cart look just like your site
- ability to calculate shipping costs and sales tax
- has all the features that you’ll need for the foreseeable future. Otherwise you’ll need to change platforms before you know it!
- PGP (Pretty Good Privacy) support if you decide to carry out deferred processing through your own software
Consider invesitagting these carts:
Some of the shopping carts listed above are free, while others might cost up to several hundred dollars. Just make sure you match your needs and technical abilities with the software you buy. CGI Resources is home to a number of Perl-written shopping cart scripts that you can easily implement on your site. Simply do a search on their main page for "shopping carts" and you’ll be presented with a number of scripts.
Next week will see the publication of the final section in the series. Stay tuned!