Everything You Need To Know About eCommerce Payments
It’s hard to beat the convenience of selling products over the internet. Not only do you not have to worry about paying the overhead costs of a brick and mortar store (unless you want to), but you can sell to customers that live far from your local market.
If your experience taking electronic payments has been limited to swapping cash with friends via Venmo, you’ve probably got a lot of questions about how to get started. In truth, it’s probably both more and less complicated than you think.
So let’s dive in and try to teach you everything you need to know about eCommerce payments.
Table of Contents
- 1. There’s No One-Size-Fits-All Solution
- 2. You Need A Payment Processor And A Gateway
- 3. You Can Accept More Than Just Credit Card Payments
- 4. You Need To Be PCI Compliant
- How To Find An eCommerce Payment Provider
1. There’s No One-Size-Fits-All Solution
First, some disappointing news. There isn’t one single “correct” way to handle eCommerce. The right payment processing solution will depend upon a number of factors. Take a business website, for example. Do you currently have one that you’d like to start selling products through? Or are you content to use a premade shopping cart template? If you’re a relatively technical person, you can integrate solutions into your site with software APIs or plugins. If you’re not, you’ll probably want to consider a service that provides that functionality upfront. While you can potentially save money doing it yourself, you’ll need to make sure that you’re keeping your customer’s information secure and reducing your own liability.
You’ll also want to consider the nature of the payments you’ll be accepting. Are your customers just buying a product one-off, or are they subscribing to a service that will require recurring monthly payments?
And of course, you’ll need to take stock of your budget and figure out how much you’re willing and able to spend on payment processing and any additional software services.
2. You Need A Payment Processor And A Gateway
A common point of confusion for people new to eCommerce is that there are actually two components to taking payments online. You need both a payment processor and a gateway. These services may be offered together as a package (PayPal, Square, and Stripe, for example) or separately. If you do end up going with a payment processor that doesn’t include gateway access, you’ll need to get it from a separate service like Authorize.net.
- A payment processor provides an account that allows your business to accept credit cards and receive credit card payments. It’s also used to deduct fees and processing charges associated with the transaction. After the payment gateway successfully processes a transaction, your payment processor receives the information.
- A payment gateway stands in for what would be your point of sale (POS) interface in a brick-and-mortar transaction. It allows you to securely process payments online by relaying the transaction information from your site to the processor, which then requests the payment from the customer’s bank before releasing funds to you. A payment gateway is also responsible for most of the security features associated with online payments as well as offering services like recurring payments and a credit card vault.
Types Of Payment Processors
Because nothing is ever simple in the world of payment processing, you won’t just need to think about getting a payment processor, but what type of payment processor you need.
The safest option is to go with the tried-and-true merchant account. Think of your merchant account as a holding area where all the busy work of receiving a credit card payment happens. Unlike, say, a business checking account, you don’t have direct access to your merchant account or the ability to directly make deposits and withdrawals to it. Instead, it automatically transfers payments to your business bank account, typically a day or two after receiving the transaction.
Merchant accounts are generally stable and you’re unlike to encounter holds, freezes, or terminations unless you have a sudden spike in chargebacks. Because of the underwriting process, merchant accounts are somewhat slow to establish–you’re probably looking at three days or so to get it up and running, though if you are negotiating or your business is particularly complex, it could take longer. The biggest drawback is that they often have minimum credit card transaction thresholds you have to meet; $5,000/month is typical but some expect you to handle at least $10,000/month in credit card sales. Pricing models with merchant accounts vary, and not all of them are great. We recommend interchange-plus pricing because it’s the most transparent and easiest to compare.
So what do you do if your new business isn’t doing that kind of sales volume?
You can turn to a third-party processor (aka payment services provider). Instead of having your own, unique merchant account, a third-party processor puts you in a pooled account with other merchants, from which fees are deducted in a similar manner to the merchant account. Signing up for a third-party processor is typically faster and easier than for a merchant account (you can start accepting payments the same day), but puts you at greater risk of account holds and terminations. Still, they provide an entry point for new businesses, or established ones that want more predictable pricing. Most third-party processors use a flat-rate pricing model where you’ll pay the same fee regardless of the card type; for eCommerce, that rate is commonly 2.9% + $0.30.
3. You Can Accept More Than Just Credit Card Payments
While credit and debit cards will probably make up the bulk of your eCommerce transactions, they aren’t the only way to make payments online.
It seems like every few years a new tech company rolls out their own digital wallet. We’re talking about services like Apple Pay, Google Wallet, PayPal, Venmo, and Cash App that allow you to link one or more payment sources to a single app account. In person, mobile wallets (a type of digital wallet that lives on your phone) allow you to make near field communication (NFC) purchases at terminals that allow tap-to-pay. In most cases, mobile wallets directly debit a linked credit or debit card while other digital wallets tend to store a balance, which can be used to make payments or be deposited into a bank account.
Many of these services can be used to make payments online as well. If your payment gateway doesn’t support mobile payments out of the box, it probably won’t be that big a deal since the customer can still just pay with the card attached to their mobile wallet. But if you want to go ahead and support mobile payments, you may have to add some code to your store.
The other type of payment you may want to think about isn’t cutting edge. In fact, it’s been around since the 70s: the automated clearing house (ACH). ACH transactions cut out the credit card company middleman and instead establish direct transfers between bank accounts. ACH payments can be one-time transactions, but if you’re using them in a retail context, you’re probably more interested in using them for recurring payments.
ACH is a bit more laborious to use at the point of sale than credit/debit cards, but it is a much less expensive way to process transactions and less prone to fraud and chargebacks. Most payment processors don’t offer ACH support by default, but a number do offer it as an add-on. Failing that, you may need a supplemental service.
Do You Want To Sell Globally? Prepare To Pay More
The internet is a miracle of the modern age, connecting people together and granting you easy access to markets abroad! Right?
While it’s true that you can theoretically sell anywhere in the world, it introduces some additional complexities. For starters, there’s the matter of different currencies. Someone’s got to turn those euros into dollars! Some service providers, like Stripe, will handle currency conversions for you. Keep in mind that this service will usually come at a premium; in the case of Stripe, you’re looking at an additional 2% charge on your transaction.
And of course, you might want to convey the price of your goods to customers in their local currency. This feature usually goes hand-in-hand with automatic currency conversion, but you might need to enable this feature if you want to attract global buyers.
You’ll also need to take local taxes, customs, and duties into account, which means familiarizing yourself with foreign concepts like the value-added tax (VAT), which is used in Europe, Canada, South America, and Africa, as well as China and India. Here again, there are services that can take care of most of this complexity for you, but be prepared to pay for the privilege.
4. You Need To Be PCI Compliant
If you’re doing eCommerce, you’re going to be handling people’s money, and that means security concerns. And yes, yet another acronym.
The Payment Card Industry (PCI) has established a set of guidelines called the PCI Data Security Standard (PCI DSS) designed to minimize the risk of data being compromised by bad actors. So far so good, but PCI compliance is complicated by the fact that it’s actually a set of four different standards. The standard that applies to you is based on the number of debit and credit card transactions you process annually. Risk level four is considered the lowest risk, while risk level one is considered the highest. The fewer transactions you process, the lower risk you are unless there’s a data breach, at which point you’ll probably be considered risk level one regardless of your volume.
It gets a bit complicated, but what this means in practical terms for you is that you want to make sure your payment processor is PCI compliant and that you’re following the guidelines laid out by your PCI-compliant payment processor.
Payment Security Is Important
It can be a headache, but payment security will ultimately help protect your business and save you from costly chargebacks and account freezes. EMV chips have helped to reduce in-person credit card fraud, but unfortunately, that means online transactions are the new low-hanging fruit for fraud.
In addition to maintaining PCI compliance, security features like AVS (Address Verification Service) and CVV (Card Verification Value, that short number you’re asked for sometimes) provide extra layers of verification would-be fraudsters have to work through. Programs like Visa’s 3D Secure are also constantly evolving to make the changing payment security landscape.
How To Find An eCommerce Payment Provider
Got all that? eCommerce payment processing has a lot of moving parts that can confound even the tech-savvy. Having a sense of the functionality you need in advance will make it much easier to select a payment processor and gateway that can handle the transactions your business depends on. But you should also keep in mind how much of a budget you have for the monthly services required to keep your eCommerce setup running, what you can expect to pay for payment processing, and whether you’re going to need some technical assistance in building out your system.
If you’re ready to get started, we recommend checking out our list of the best online credit card processors. This will give you the rundown on some of the best options in the industry. If you want to learn a bit more about online payments before you get started, our article How To Choose An eCommerce Merchant Account is another great resource.