Accepting payments online is not a new concept. If you run an e-commerce store or you need to accept payments for any other reason, security should be kept at a high standard.
So where should you begin? There are numerous ways to accept credit cards online. I will cover the three methods listed below.
- Redirect your payments to a third party site, such as PayPal standard.
- Use a hosted form on your website, simplifying PCI compliance.
- Host your own form to accept credit cards.
1. Redirect your payments to a third party site, such as PayPal standard.
This is the easiest method to accept payments online. First, sign up for a PayPal Standard Account. After you create an account on PayPal, you can automatically generate BUY buttons on their website. However, if you are selling hundreds of items on your site, this would be a bit tedious from a usability standpoint.
A better solution would be to add a cart to your website. On checkout, you could send the order total to PayPal. Your website would not require an SSL certificate since it is not directly accepting credit cards, instead the transaction is being re-directed to PayPal.
So what are the drawbacks of PayPal Standard or third party vendors. The biggest drawback, is that your website does not present a professional interface because your clients will leave your website to make a payment.
Use a hosted form on your website, simplifying PCI compliance.
Processors may give you the option to use a secured hosted form on your website. This is a great option because this simplifies PCI compliance. The form is embedded in your site using an I-frame and the form is already SSL encrypted from the payment processor. This gives your users a smooth checkout experience.
This is a great option, however some programming knowledge is required if you are using a shopping cart and tracking orders back into your CMS or OMS system, because you need to record the response from the payment processor and store it in your cms.
In non-technical terms: This results in fewer abandoned shopping carts, because people checkout on your website.
Host your own form to accept credit cards.
This option by far gives you the most professional appearance, control, and smooth checkout experience for your users. It also requires PCI compliance, quarterly ASV scans, a SSL certificate, and vast programming knowledge.
Personal data and credit card numbers are entered on your website. The information is then passed through your gateway to the payment processor to process the transaction.
Most processors offer Tokenization. No longer do you need to store Credit Card Data in your database. Just store the Token Id, and your site can process recurring payments.
In most cases this is done through an API.
In non-technical terms: This results in fewer abandoned shopping carts, because people checkout on your website. Secondly, you have complete control for total customization on how you display, and process your transactions.
In a future blog post we will cover Credit Card Authorization, Card Verification, Capture, Settlement, Multi-Settlement, Void, Cancel, Recurring Payments, and Tokenization.