Need Help? Chat icon | Call - 1 888 414 7111
Merchant Accounts.ca logo
Home > FAQ > E-commerce Payments

Technical Questions


How does e-commerce work?

E-commerce is the process of selling sell goods or services over the internet, with payment from the customer being made online. Visit our merchant account lesson for a detailed and thorough explanation of how e-commerce works.





How do I start collecting payments online?

To begin accepting credit card payments online you must connect your website to the payment gateway. You have several options to choose from:

Shopping Cart Programs:   Many merchants choose to use a compatible shopping cart that is already integrated and works with our payment processing service. This is the easiest way to get started because there is no programming required.

Direct Integrations:   We provide technical documentation to build your own direct integration to the payment gateway.

EasyInvoice:   Our simple online payment page that you can use to receive payments. This is a free service for our customers.





Direct Integration Details

You can use our payment gateway which is included at no extra charge (view our rates page), or use one of many compatible 3rd party payment gateways.

The reason we work with many payment gateways is our merchants are located in different countries, and process different currencies and payment types. The choice of which gateway API is best depends on these things, as well as other criteria such as whether you are looking to do recurring billing, or have PCI compliance considerations.

Please contact us to discuss your requirements. This will ensure you get the correct API, and allows us to discuss other considerations such as recurring billing, and anti-fraud features such as 3dSecure. You'll receive full technical documentation, a test account, and integration assistance from the support team. We can also discuss using compatible 3rd party gateways such as Authorize.net if that is your preference. (See a list of compatible 3rd party payment gateways).





What 3rd party payment gateways do you support?

We include the payment gateway at no additional charge. (The rates on our rates page include the payment gateway with no additional cost). We also support many 3rd party gateways because some developers prefer a specific gateway, or may have software that is already integrated to a particular payment gateway. Supported payment gateways include:

The above list is not comprehensive. If you require a gateway not on the list it may already be supported. Not all gateways are available to merchants in all countries. Furthermore, not all payment gateways are multi-currency compatible. Contact us for the latest list of compatible gateways, and to discuss the technical / integration requirements of your project.




Compatible Shopping Cart Programs

There are many shopping cart programs available that are compatible with the payment gateway. This makes it simple to complete your integration because no programming or customization is required.





Is a shopping cart necessary to accept payment online?

Shopping cart software is what keeps track of the items your customer wants to buy as they surf your website. They can also perform more advanced functions like inventory tracking and advanced tax and shipping calculations. Merchants that process a large number of transactions, or those with a high processing turnover should use a shopping cart.

If a merchant does not have these requirements, then a shopping cart may not be necessary. We offer EasyCheckout and EasyInvoice for free to our customers. Both offer an extremely quick and hassle free integration and are highly effective at capturing online sales. You can easily add either, or both, to your website. Keep in mind that EasyCheckout and EasyInvoice do not offer all the functionality of a full-blown shopping cart, nor are they meant to. EasyCheckout and EasyInvoice are free, and ready-to-use for clients that don't yet have a requirement for a full a shopping cart. Remember that you can always start simple and later move to a more advanced shopping cart as your business grows.





Can I Add 'Buy Now' Buttons To My Website?

Yes you can! We offer EasyCheckout for free to our customers. EasyCheckout makes it simple to add 'Buy Now' buttons to your website. While EasyCheckout does not have the power of a full-fledged shopping cart program, it offers 80% of the functionality at 0% of the cost! It's meant to be used by merchants who sell a small number of products and don't need the more advanced functionality of most shopping carts. Click here to find out more about EasyCheckout.





Do You Have an Online Invoicing Solution?

Yes we do! We offer EasyInvoice for free to our customers. EasyInvoice is an extremely effective online invoicing solution that is simple to add to your website. Click here for more information and a demo.





Is recurring billing supported?

Yes, recurring billing is fully supported and is easy to implement. There are several recurring billing integration options including methods in which you do not have to store any credit card information. (This is an important benefit for merchants that want to minimize contact with sensitive cardholder data).

Recurring billing requirements tend to vary widely across our client base. For example, you might want to initiate and bill a customer's credit card dynamically each month for a unique amount based upon some type of usage fee. Other businesses may need the system to handle everything and just push a success notification upon authorization of the card at a specifically designated time interval.

The recurring billing system is extremely flexible and can support 1-off, merchant initiated, fully automatic, dynamic amounts, batch upload and other recurring billing requirements. We strongly encourage you to contact us to discuss your specific recurring billing requirements. We will provide you with a test account so that you can thoroughly test the system.





Is a virtual terminal available for telephone, mail and fax orders?

Yes, you will receive a virtual terminal which will enable you to securely key in transaction details on behalf of your customers. This solution can be used for trade shows, telephone orders, or any other customer interaction where payment is not able to be collected through your website.



What are your recommended e-commerce best practices?

This is not a difficult question, but every business has unique criteria to consider. We provide the benefit of our expertise to every one of our clients, and encourage you to contact us with your questions. With that said, we can offer 3 important points applicable to every company with an aspect of it's business on the internet:

-- Do not store any cardholder data of any kind unless absolutely necessary.
Merchants using the Standard/HTML method of integration will not have access to any cardholder data of any kind when processing online transactions. The customer enters cardholder information while they are directly connected to the payment server. This makes it impossible for merchants to come into contact with any cardholder data when doing online transactions. More advanced methods of integration are available, but unless you need it, why would you want to store credit card data?

-- Provide clear and easy to find contact information.
If customers have questions or concerns they need to be able to speak to someone in your organization. This will make it easier for the customer to purchase, and they can do so with greater confidence knowing that yours is a legitimate operation with good customer service.

-- Maintain a customer friendly refund policy.
When purchasing online the customer must know they will receive a quality product or service. With a clear and reasonable refund policy, your customers will be able to purchase in confidence and this will minimize the likelihood of future disputes with customers.





What Should I Know About Security?

The topic of e-commerce security can be both simple or complex depending on how a merchant chooses to setup their online payment system. Although our payment systems can support any type of integration, we recommend that small business owners take a simple approach to e-commerce security by using a method of integration that makes it impossible to touch, receive or store credit card information.

It is easy to accomplish this type of integration. You will not touch or store any sensitive information because your customers will enter their card details while they are directly connected to payment gateway.


Eliminating Cardholder Data - How It Works

Merchants that wish to use this method of integration will receive website hosting on the payment server. You have the ability to upload your graphics to the payment server and can completely customize the look and feel of the page so your customer will not be able to tell that they have in fact left your site and are directly connected to the payment gateway.

It is on this page that the customer will actually enter their credit card details. When they press the "Submit Payment" button the transaction details are securely encrypted and passed directly from their computer to the payment gateway. At no time was any part of this process handled from the merchants website. All information passes directly from the visitors browser to the banks payment server.

The gateway will check to see if the cardholder has sufficient funds, and if so the user is automatically directed back to your website. When the user is taken back to your website you will receive all of the transaction information -- except for the cardholder data. In place of the credit card number you get a reference ID for the transaction. All cardholder data is stripped away and it is impossible for you to have access to this information.

Your shopping cart software will know everything it needs to complete the order, and you have managed to do so without ever touching, seeing or storing any cardholder data. The reference ID you receive with the approval message can be used later in your control panel if you need to perform a refund or look up a transaction amount. At no time, not even in your control panel, can you find or touch any credit card information of any kind.

If you eliminate the ability to come into contact with credit card information, you go a very long way towards making sure you have implemented a secure e-commerce solution.





Supported Security & Anti-Fraud Features

We offer extremely secure, bank endorsed, real-time credit card processing that utilizes a range of industry leading security technology, including AVS and CVV2.

AVS - AVS stands for "Address Verification". This is a unique anti-fraud mechanism, that verifies the billing address the user enters matches the actual cardholder's address on record at the issuing bank.

CVV2 - CVV2 stands for "Card Verification Value". This is a 3 digit number found on the back of the customers credit card. This number provides an additional layer of validation as the customer must have the credit card physically present, in order to determine the CVV2 number.

3DSecure - 3DSecure is one of the newest methods of combating fraud and is an important tool in any online merchant's arsenal. More information on 3DSecure can be found here.


The processing centre is securely linked to processing banks worldwide, who handle the credit card authorizations online and process the transactions in real time.

Most importantly, we have carefully developed our processing solution in a way that ensures the merchant will never come into contact with any credit card numbers whatsoever.

Merchants using the HTML method of integration cannot come into contact with sensitive information because credit card numbers are entered while the user is directly on a page hosted by the payment gateway. Because the credit card numbers are never seen by the merchant, and are not stored or recorded in any way, this removes the possibility of credit card numbers being lost or stolen. This greatly reduces the risk of liability for the merchant and increases security for the customer.

Note that advanced customers can choose to accomplish an XML integration which will enable them to retain full control over the user session throughout the payment process.





Is Verified by Visa / MasterCard SecureCode supported?

The payment system fully supports 3DSecure - Verified by Visa and MasterCard SecureCode.

Verified by Visa is an additional layer of password protection on top of the standard anti-fraud protections built into the gateway. Verified by Visa is an interesting and favorable security feature for online merchants because if a transaction has been validated using Verified by Visa cardholders cannot claim that the transaction was unauthorized. This shifts some of the risk from the merchant onto the cardholder, making it a very desirable security feature for online merchants.

The Verified by Visa and MasterCard SecureCode service is included at no additional charge.





What Is SSL (Secure Socket Layer)?

SSL stands for Secure Socket Layer. SSL is a method of encryption that is used to protect sensitive data as it is passed across the internet. Modern SSL encryption is so strong that it has been calculated that a 128 bit symmetric key would, on average, take more time to crack by brute force than the solar system has left before the sun goes nova and swallows the earth.





Do I need SSL on my webserver?

SSL is strongly suggested for all e-commerce websites. If you use an integration method that allows you to redirect the user to the payment gateway where all sensitive data is collected directly by the gateway than it may not technically be necessary, however all other integration methods require it. Google also encourages businesses to use SSL on the website as a best practice and we encourage it's use as well.





How stable and reliable is your payment system?

We leverage many banking relationships to tie into a global processing network. Our payment systems are powered by Home Trust and other full member acquirers that are world leaders in international e-commerce payments.

The various payment systems are nothing short or state of the art, capable of tremendous transaction volumes of hundreds of simultaneous transactions per second, per customer. In total over 12 million transactions are processed every day by a wide range of merchants, ranging from small home based businesses to massive global organizations such as Sony.

Stability and reliability are something to be taken seriously. By partnering with leading global banking institutions and acquirers we are able to deliver world class, enterprise level processing that meets and exceeds the needs of even the largest global brands processing online today.