How does e-commerce work?
E-commerce is the process of selling sell goods or services over the internet, with payment from the customer being made online. Visit our merchant account lesson for a detailed and thorough explanation of how e-commerce works.
How do I start collecting payments online?
In order to begin accepting credit card payments online, you must connect your website to the payment gateway so that your payments can be processed. You will have several different options to choose from in terms of how you choose to connect your website to the payment gateway.
Shopping Cart Programs: Most merchants choose to use one of the many compatible shopping carts that work with the payment gateway. This is the fastest and easiest way to get started because there is no programming required. If you need help selecting the right cart for your project contact us.
Custom Integrations: We are able to provide technical documentation for webmasters who wish to develop a custom integration with the gateway. Technical information can be found here.
What are your recommended e-commerce best practices?
This is not a difficult question, but every business has unique criteria to consider. We provide the benefit of our expertise to every one of our clients, and encourage you to contact us with your questions. With that said, we can offer 3 important points applicable to every company with an aspect of it's business on the internet:
-- Do not store any cardholder data of any kind unless absolutely necessary.
Merchants using the Standard/HTML method of integration will not have access to any cardholder data of any kind when processing online transactions. The customer enters cardholder information while they are directly connected to the payment server. This makes it impossible for merchants to come into contact with any cardholder data when doing online transactions. More advanced methods of integration are available, but unless you need it, why would you want to store credit card data?
-- Provide clear and easy to find contact information.
If customers have questions or concerns they need to be able to speak to someone in your organization. This will make it easier for the customer to purchase, and they can do so with greater confidence knowing that yours is a legitimate operation with good customer service.
-- Maintain a customer friendly refund policy.
When purchasing online the customer must know they will receive a quality product or service. With a clear and reasonable refund policy, your customers will be able to purchase in confidence and this will minimize the likelihood of future disputes with customers.
How do I integrate my website with the payment gateway?
Adding payments to your website is easy. There are several integration methods available to suit our diverse client base. For small businesses we offer a simple HTML based integration, which is one of the easiest methods of integration in the industry. Corporate clients can build a direct API connection to the payment gateway to retain total control over the checkout process. The available options include:
1) You can use one of many compatible shopping cart programs. If you need help selecting a shopping cart do not hesitate to contact our support team.
2) Advanced users can build their own custom integration. With this method of integration you can retain complete control over the user session (if desired) and can program in any special functionality you may require.
3) Merchant Accounts.ca provides EasyCheckout (our 'Buy Now' button generator) and EasyInvoice (online invoice form) for free to all of our customers. With EasyCheckout and EasyInvoice there is absolutely no programming required. Quite literally, you will never find an easier method of adding e-commerce to your website.
Further details regarding the different methods of integration have been included below. A free test account can also be issued at your request.
Custom Integration Details
In terms of integration methods we support both direct API methods of integration, as well as redirects and overlay integrations which help reduce the PCI compliance scope of your project.
We provide access to more than one payment gateway platform. Your integration will depend upon the currencies, payment types, and method of integration that you are trying to accomplish.
We offer access to more than one payment gateway platform because we support a huge range of processing currencies in different countries. There is no singular gateway in existence that can satisfy every currency, payment type and country. For that reason you will receive access to a number of payment gateway platforms to choose from (in the USA, Canada and Europe).In order to provide the correct integration documentation we must determine which gateway platform you will want to connect to. The cost of the payment gateway is already fully included in our rates so you won't incur any extra gateway costs. It is just a matter of determining which platform is best for your project.
If you already have a gateway in mind you'd like to use contact us to confirm if it is compatible. We connect into most globally recognized payment gateway platforms. (NMI, WorldPay, Cybersource, PSiGate, Authorize.net, NetBilling, etc.) If you want immediate access or would like to discuss your project you can contact us during working hours for immediate assistance.
Request a test account to discuss your specifications, receive technical documentation and evaluate the platform.
Compatible Shopping Cart Programs
There are many shopping cart programs available that are compatible with the payment gateway. This makes it simple to complete your integration because no programming or customization is required.
Is a shopping cart necessary to accept payment online?
Shopping cart software is what keeps track of the items your customer wants to buy as they surf your website. They can also perform more advanced functions like inventory tracking and advanced tax and shipping calculations. Merchants that process a large number of transactions, or those with a high processing turnover should use a shopping cart.
If a merchant does not have these requirements, then a shopping cart may not be necessary. We offer EasyCheckout and EasyInvoice for free to our customers. Both offer an extremely quick and hassle free integration and are highly effective at capturing online sales. You can easily add either, or both, to your website. Keep in mind that EasyCheckout and EasyInvoice do not offer all the functionality of a full-blown shopping cart, nor are they meant to. EasyCheckout and EasyInvoice are free, and ready-to-use for clients that don't yet have a requirement for a full a shopping cart. Remember that you can always start simple and later move to a more advanced shopping cart as your business grows.
Can I Add 'Buy Now' Buttons To My Website?
Yes you can! We offer EasyCheckout for free to our customers. EasyCheckout makes it simple to add 'Buy Now' buttons to your website. While EasyCheckout does not have the power of a full-fledged shopping cart program, it offers 80% of the functionality at 0% of the cost! It's meant to be used by merchants who sell a small number of products and don't need the more advanced functionality of most shopping carts. Click here to find out more about EasyCheckout.
Do You Have an Online Invoicing Solution?
Yes we do! We offer EasyInvoice for free to our customers. EasyInvoice is an extremely effective online invoicing solution that is simple to add to your website. Click here for more information and a demo.
Is recurring billing supported?
Yes, recurring billing is fully supported and is easy to implement. There are several recurring billing integration options including methods in which you do not have to store any credit card information. (This is an important benefit for merchants that want to minimize contact with sensitive cardholder data).
Recurring billing requirements tend to vary widely across our client base. For example, you might want to initiate and bill a customer's credit card dynamically each month for a unique amount based upon some type of usage fee. Other businesses may need the system to handle everything and just push a success notification upon authorization of the card at a specifically designated time interval.
The recurring billing system is extremely flexible and can support 1-off, merchant initiated, fully automatic, dynamic amounts, batch upload and other recurring billing requirements. We strongly encourage you to contact us to discuss your specific recurring billing requirements. We will provide you with a test account so that you can thoroughly test the system.
Is a virtual terminal available for telephone, mail and fax orders?
Yes, you can receive a virtual terminal which will enable you to securely key in transaction details on behalf of your customers. This solution can be used for trade shows, telephone orders, or any other customer interaction where payment is not able to be collected through your website.
Is there a demo site where I can test out the payment system and see it in action?
We have developed a fully functional e-commerce website to be used for testing. This is a real world integration of the payment system, and aside from having payments set into testmode is a real e-commerce transaction. Keep in mind while on the test website that you could implement an identical integration, or could utilize one of the other available methods of integration.
Click here to visit the demo website. (Demo site will open in a new browser window.)
What Should I Know About Security?
The topic of e-commerce security can be both simple or complex depending on how a merchant chooses to setup their online payment system. Although our payment systems can support any type of integration, we recommend that small business owners take a simple approach to e-commerce security by using a method of integration that makes it impossible to touch, receive or store credit card information.
It is easy to accomplish this type of integration. You will not touch or store any sensitive information because your customers will enter their card details while they are directly connected to payment gateway.
Eliminating Cardholder Data - How It Works
Merchants that wish to use this method of integration will receive website hosting on the payment server. You have the ability to upload your graphics to the payment server and can completely customize the look and feel of the page so your customer will not be able to tell that they have in fact left your site and are directly connected to the payment gateway.
It is on this page that the customer will actually enter their credit card details. When they press the "Submit Payment" button the transaction details are securely encrypted and passed directly from their computer to the payment gateway. At no time was any part of this process handled from the merchants website. All information passes directly from the visitors browser to the banks payment server.
The gateway will check to see if the cardholder has sufficient funds, and if so the user is automatically directed back to your website. When the user is taken back to your website you will receive all of the transaction information -- except for the cardholder data. In place of the credit card number you get a reference ID for the transaction. All cardholder data is stripped away and it is impossible for you to have access to this information.
Your shopping cart software will know everything it needs to complete the order, and you have managed to do so without ever touching, seeing or storing any cardholder data. The reference ID you receive with the approval message can be used later in your control panel if you need to perform a refund or look up a transaction amount. At no time, not even in your control panel, can you find or touch any credit card information of any kind.
If you eliminate the ability to come into contact with credit card information, you go a very long way towards making sure you have implemented a secure e-commerce solution.
Supported Security & Anti-Fraud Features
We offer extremely secure, bank endorsed, real-time credit card processing that utilizes a range of industry leading security technology, including AVS and CVV2.
AVS - AVS stands for "Address Verification". This is a unique anti-fraud mechanism, that verifies the billing address the user enters matches the actual cardholder's address on record at the issuing bank.
CVV2 - CVV2 stands for "Card Verification Value". This is a 3 digit number found on the back of the customers credit card. This number provides an additional layer of validation as the customer must have the credit card physically present, in order to determine the CVV2 number.
3DSecure - 3DSecure is one of the newest methods of combating fraud and is an important tool in any online merchant's arsenal. More information on 3DSecure can be found here.
The processing centre is securely linked to processing banks worldwide, who handle the credit card authorizations online and process the transactions in real time.
Most importantly, we have carefully developed our processing solution in a way that ensures the merchant will never come into contact with any credit card numbers whatsoever.
Merchants using the HTML method of integration cannot come into contact with sensitive information because credit card numbers are entered while the user is directly on a page hosted by the payment gateway. Because the credit card numbers are never seen by the merchant, and are not stored or recorded in any way, this removes the possibility of credit card numbers being lost or stolen. This greatly reduces the risk of liability for the merchant and increases security for the customer.
Note that advanced customers can choose to accomplish an XML integration which will enable them to retain full control over the user session throughout the payment process.
Is Verified by Visa / MasterCard SecureCode supported?
The payment system fully supports 3DSecure - Verified by Visa and MasterCard SecureCode.
Verified by Visa is an additional layer of password protection on top of the standard anti-fraud protections built into the gateway. Verified by Visa is an interesting and favorable security feature for online merchants because if a transaction has been validated using Verified by Visa cardholders cannot claim that the transaction was unauthorized. This shifts some of the risk from the merchant onto the cardholder, making it a very desirable security feature for online merchants.
The Verified by Visa and MasterCard SecureCode service is included at no additional charge.
What Is SSL (Secure Socket Layer)?
SSL stands for Secure Socket Layer. SSL is a method of encryption that is used to protect sensitive data as it is passed across the internet. Modern SSL encryption is so strong that it has been calculated that a 128 bit symmetric key would, on average, take more time to crack by brute force than the solar system has left before the sun goes nova and swallows the earth.
Do I need SSL on my webserver?
SSL is required depending on the type of integration you choose to implement. With the HTML integration credit card numbers are entered while the user is on a page hosted directly by the secure payment gateway, thus SSL is not required. However, merchants utilizing the more advanced XML integration will require a SSL certificate and will need to demonstrate PCI compliance.
The type of integration you choose to use is up to you. If you are not certain which type of integration will prove a better choice for your business do not hesitate to contact a customer service representative for assistance.
How stable and reliable is your payment system?
We leverage many banking relationships to tie into a global processing network. Our payment systems are powered by Home Trust and other full member acquirers that are world leaders in international e-commerce payments.
The various payment systems are nothing short or state of the art, capable of tremendous transaction volumes of hundreds of simultaneous transactions per second, per customer. In total over 12 million transactions are processed every day by a wide range of merchants, ranging from small home based businesses to massive global organizations such as Sony.
Stability and reliability are something to be taken seriously. By partnering with leading global banking institutions and acquirers we are able to deliver world class, enterprise level processing that meets and exceeds the needs of even the largest global brands processing online today.