The shift to a global economy has already begun, but that doesn’t mean there aren’t a lot of merchant accounts and service providers still playing catch-up. Even governments are scrambling to adapt to a new economy as evidenced by the EU VAT laws that came into place earlier this year.
There are large discrepancies between service providers when it comes to accepting credit and debit cards on your website. Therefore, it’s worth your time to perform a little research. Some platforms are still adapting while others have mastered that which is supposed to represent eCommerce in 2015 – simple, seamless and user-friendly.
Maybe you’ve recently purchased an Elegant Theme that’s WooCommerce ready and have plans to begin setting up an eCommerce store. If that’s the case, you have probably already run into the issue of selecting and integrating a payment processor. The payment gateway and processor landscape is vast and making the right decision can be a time-consuming process.
It’s not a topic that we typically have to deal with and let’s be honest here, it’s not something that most of us will look forward to learning about. However, it is necessary.
In this article, I’m going to try to make the learning process as straightforward as possible. We’ll cover the basics of payment processors & gateways, plus some of the different ways of integrating the ability to accept payments into your website. To finish off, we’ll take a look at some general guidelines to think about before you make any final decisions.
Do I Need a Payment Processor or Gateway?
The payment processor vs payment gateway question is a common one and it comes with some good news. The line between the two services has become pretty blurred as of late. In the past, there was often a need to select both a processor (merchant account) and a gateway. Now there are many companies that provide access to both. But what’s the difference?
Payment gateways represent what is essentially a locked door through which financial transactions take place. The parties involved are your website, your customer, and the company who provides your merchant account. Sometimes the gateway and merchant account can be handled by the same company.
In order to make sure that your customers personal information is kept secure, payment gateways are required to be what’s called PCI-DSS compliant. PCI-DSS stands for Payment Card Industry Data Security Standard and represents all of the big players including Visa, MasterCard, Discover, Amex, and JCB.
Anytime you’re dealing with customer’s personal and financial information, it’s important to take the process very seriously. Especially with the recent FTC decision demonstrating their ability to go after companies who fail to take customer privacy and security seriously.
Once your customer decides to make a purchase through your online store you need an intermediary who is responsible for processing the transaction. This is where the payment processor or merchant account comes into play.
Payment processors are responsible for four things:
- Managing the relationship and risk between your business and the credit card companies.
- Managing your customers personal and financial data.
- Processing the transaction by debiting the customer and crediting your account.
- Transferring the funds to your bank account.
Traditional payment processors are typically more thorough when it comes to setting up accounts. If you apply for a merchant account, you should expect a lengthy application process that can include questions about your business and the products or services you sell.
This is where the line begins to blur somewhat. Some companies, such as BeanStream offer payment processing as well as optional payment gateway services, technically making them a full-stack provider. But we also have companies like PayPal and Stripe who also appear to offer payment processing without the need for a merchant account.
It can actually become a little unclear how some providers are structured. For example Stripe makes the following statement:
We abstract away the gateway and merchant components of accepting payments online to give you a simple and easy experience
Essentially what this means for you as the end user is that companies like Paypal and Stripe are acting as the intermediary between your business and the credit card companies. If you appear to be doing something that increases their risk, your account could be locked down until the security issues are resolved.
To be fair, this can happen with any payment processor but as a general rule, full-service providers often have a lower risk tolerance. For the most part, this seems reasonable since applying for an individual merchant account can often involve things like credit and reference checks. The barrier to entry is lower for some full-stack operators.
How to Integrate Your Payment Processor
Exactly how you go about integrating your payment processor into your website will depend partly upon which method you prefer, but also how technically involved you want the process to become. There are three primary options:
- Hosted Payment Page
- Hosted Tokenization
- Full API Integration
For our purposes, we’re going to focus on the first two options simply because they’ll be the most common ones you’ll end up considering. Options 1 & 2 also reduce your PCI-DSS compliance requirements since you’re relying on the payment processors servers instead of your own.
Hosted Payment Page
The first option is to use something called a hosted pay page or “HPP”. In most cases, a hosted pay page is one of the easier options to implement, in particular because most of the security requirements are managed by the payment processor. Setting up an eCommerce store using hosted payments is usually a fairly quick and simple process.
When a customer adds items to their cart and decides to check out, the information is passed from your website to the HPP. Because the HPP is hosted on the payment processor’s secure server, the security requirements are borne by the processor (PCI-DSS). It can also eliminate the need for you to purchase an SSL certificate since none of your customers confidential information is stored on your server.
PayPal is a good example of a hosted payment page but keep in mind that payment processors also offer HPPs – including the likes of Moneris and Beanstream. And while HPPs are “easier” to set up, you should still expect that the first time through the process will require some extra effort. The documentation provided by many payment processors leaves much to be desired.
The primary downside to this payment solution is the fact that your customer technically leaves your website in order to complete their purchase. Most hosted payment pages offer a feature that will redirect the customer back to your website once their transaction is complete.
Using a hosted pay page for a payment processor like Beanstream or Moneris offers a similar experience to completing a purchase using PayPal. It’s certainly not seamless, but it’s also not exactly foreign to most customers either. In fact, some customers may feel a sense of security knowing that they have been redirected to what is technically a more secure website.
The final issue surrounding HPPs is that they are rarely 100% customizable. You can usually make a small adjustment to the overall appearance of the page, but it’s never perfect. That said, there are always exceptions to the rule and services like Mijireh do a pretty darn good job of integrating with your existing theme.
Hosted Tokenization offers a middle ground that lies between a hosted payment page and a fully integrated API solution. It allows you increased customization over your customers’ checkout experience without having to deal with full PCI-DSS compliance (it’s handled by your processor).
Payment processors like Moneris, Beanstream, and 2Checkout all offer solutions that limit your compliance requirements while improving your customer experience and conversion ratio.
On the back-end, hosted tokenization can seem like a complicated process but almost everything important happens behind the scenes. Your customer enters their payment details in a secure form, often a popup which connects directly with your payment gateway. In return, they send a token (like an encrypted key) that represents your customer’s card number back to your store. At this stage in the process, you can then complete the customer’s transaction and generate a final receipt. Usually, tokens expire within 15 minutes and are worthless to anyone except your eCommerce store.
While not quite as simple as the hosted pay page, hosted tokenization offers a superior and more seamless checkout experience. Take a look at how the hosted-tokenization process looks for 2checkout.
In almost all cases, you’ll want to rely on third-party options to help you accept payments on your website. Once your merchant account / payment gateway is set-up, all you need to do is find a way to actually accept payments.
Luckily, as a WooCommerce user you’ll find dozens of integration options available in the WooCommerce Extensions Catalog. This is by far the best place to start your search.
In case you’re not using WooCommerce, there are still more than a few options available to you. If you’re a service provider who wants to offer customers the ability to make payments online, you can always take a look at using something like NinjaForms and one of their payment gateway add-ons. Alternatively, Gravity Forms also offers several payment integration options including PayPal, Stripe, and Authorize.net.
Choosing Your Gateway & Processor
Now that you’re familiar with some of the common terms, you’ll be more capable of making the right choice when it comes to picking you service providers.
By far one of the most difficult decisions is actually choosing your payment gateway and processor. There are literally so many options that the process can become confusing. Having set-up a few of these services, including hosted pay pages, there are some simple guidelines and things that are good to think about before you make your decision. However, this is by no means an exhaustive list:
1. Make sure your payment gateway, processor, and bank are all compatible with one another.
For example, Beanstream can be used as a payment gateway that is compatible with most merchant accounts and banks throughout North America, Europe and soon to be Australia. Not all services will work together and some may even have limited geographical capabilities.
2. Language and currency support might not matter to you, but it sure matters to your customers.
3. Are all the payment methods that you want to accept supported?
A good rule of thumb is to accept at least 3 major credit cards and give strong consideration to accepting debit cards as well.
4. Is the checkout process mobile friendly?
There is no room for negotiation on this feature – if your website isn’t 100% mobile friendly, including the checkout, you’re in trouble.
5. Do you require recurring billing and does your processor support it?
6. Does the payment processor offer great customer support?
If you’ve ever sat on hold for 30 minutes waiting to ask a quick questions about the test environment for a hosted pay page, you’ll understand why this is important.
7. Pay attention to how quickly settlement occurs.
It’s great to make a sale on your website, but it’s no fun having to wait 7 days to actually receive the money in your bank account.
8. Is your gateway likely to be trusted by your customers?
If you’re online all the time you’ve likely become comfortable with or recognize many of the different payment gateways. Your customers may not feel the same way which is my the big names carry some weight.
9. Fees are important to pay attention to, but they aren’t everything.
Instead of looking for the least expensive fees, consider what you’re getting for your fees. They should be competitive but not at the expense of service or vital features.
If you’ve made the decision to launch an eCommerce store or to add the capability for customers to pay for services on your existing site, you have a lot to think about.
Choosing how to accept payments on your website can be an incredibly confusing and time-consuming process. There are enough options available to keep you researching for days. Sometimes the best approach is to start with a gateway and processor that you are familiar and comfortable doing business with. Making changes in the future is always possible.
If you’re running Elegant Themes and WooCommerce, which payment gateway and processor do you prefer and why? Please share your thoughts in the comments below.
Article thumbnail image by Incomible / shutterstock.com