Accepting credit card payments?

SchmitzIT

Well-known member
We're currently looking into a way to accept credit card payments online. Does anyone have any experience with the various providers, etc? Which provider would you recommend, what kind of protection do I have against fraud, etc?

I'd be very interested in hearing other people's experiences on this.

Thanks!

Peter
 
Without wanting to pry, you need to provide a bit more data, how much in $/£ do you sell per month? How much is your average sale? Are you selling software / physical products?

Finding a provider isn't clean cut as picking one and going with it, there are multiple factors that drive the choice, and you will probably find as your business grows you may change providers 2 or 3 times.
 
Well, I run several websites, and ideally would be able to offer different products on all of them, and have them handled by a single payment provider. Some products will be "actual" goods to be shipped, others will be downloadable or e-books.

I do currently have paypal in place, but not everybody uses it. I figured adding a way to process real credit cards might help boost sales a little. I'm mostly looking at selling stuff under 50 USD in value, though there might be exceptions.
 
To be honest, do NO go that route, add google or accept money orders but stay as far away as possible from credit card payments. Unless you have sales in the $5-10,000's per month, it is NOT worth the fees the merchant service "sharks" charge you. Plus they have equipment rental fees or the purchase fees of the equipment. Add that to the fees they charge for processing the payments. And if you have one fraudulent customer, you eat the charge.

Stay away and find another way to handle it. Btdt, will NEVER, EVER do it again.
 
Well, I run several websites, and ideally would be able to offer different products on all of them, and have them handled by a single payment provider. Some products will be "actual" goods to be shipped, others will be downloadable or e-books.

I do currently have paypal in place, but not everybody uses it. I figured adding a way to process real credit cards might help boost sales a little. I'm mostly looking at selling stuff under 50 USD in value, though there might be exceptions.

Paypal payments pro with vigorous verification if your only starting out small. It's easy to use and set up, and while the rates arn't the best, they arn't extortionate either. The vigorous verification also protects you from fraudulent charges.
 
You may need to be PCI certified, PA DSS and a lot of other things. I'm still going through the process. Started in December. The software that will hold the data, or have access to the data will need to be PA DSS certified, for instance.

Read up on these articles:

How to Become PCI Compliant
PA-DSS Implementation

Otherwise, you could face fines. They're not exactly small fines either. Well, unless $10,000 is a small fine, in some cases. I think it's a fine per customer.
 
Consider doing it yourself. Open a business account with your bank and get them to arrange everything for you, just fill out the flyer at your bank. Then you can just take the credit card order yourself by phone or secured online form.
 
Consider doing it yourself. Open a business account with your bank and get them to arrange everything for you, just fill out the flyer at your bank. Then you can just take the credit card order yourself by phone or secured online form.

That would still require a PCI compliant system, and PA-DSS certified software, of the online form.

However, if you write the software yourself, it doesn't need to be PA-DSS certified; note that if the software uses a datasource, e.g. XenForo, then XenForo will need to be PA-DSS certified.
 
Shamil I would just use a merchant than go through the hoops of directly accepting payments. I worked for years in the payments industry (one of my last projects was an EMEA PA-DSS project) and while its an evil, evil industry I definitely would let the big boys handle your stuff. I know as a customer I would prefer that.
 
I would suggest you go with a provider who is already PCI DSS compliant and not have any of the credit card details on your own system. The specs change and they are getting more and more stringent.

The provider can provide you with a masked variant of the credit card number for your own records and you do not need to worry about being compliant. The Company I work for is currently spending thousands and thousands on PCI compliancy. It is an ongoing thing for us, every new system introduced has to be analysed to see if it is in or out of scope, then there are the quarterly penetration tests and finally the audits carried out by QSAs. Not cheap, but then this is for a Tier 1 retailer.
 
Shamil I would just use a merchant than go through the hoops of directly accepting payments. I worked for years in the payments industry (one of my last projects was an EMEA PA-DSS project) and while its an evil, evil industry I definitely would let the big boys handle your stuff. I know as a customer I would prefer that.

We are currently using merchants rather than accepting payments directly. It is a lot less of a hassle. It is easier, however, for some customers to have the thing done directly (some customers are easily confused).
 
Be careful then about which countries you take direct payments from. A lot of them have strict privacy laws that require that data to be held on a server inside their country. We ran into this issue a lot in South America and Europe.
 
Moneybookers offers the most payment methods. Its much better than paypal and they will not freeze / seize your account for trivial reasons like paypal often does.
 
Would ClickBank be any good?

I've used it for years to take payments at my web directory qango.com - however, I seem to remember you have to setup products, so it might not offer the flexibility you might want.

Cheers,
Shaun :D
 
Top Bottom