8 minute read
Editor's note: This article was updated on March 11, 2022, from its original publication date of July 15, 2019.
Current projections show that global e-retail sales are expected to grow to up to $7.4 trillion by 2025, which makes sense because most consumers worldwide reported that their favorite way to shop is to buy products online and have them home delivered.
Because powerful payment technology is behind the scenes making your customers' purchases possible, the transactions go through a complex ecosystem in microseconds. In this article, we demystify the payment process so that you can learn how to accept online payments with more confidence.
The path of an online transaction
It's easy to overlook the complexity of the path of an online transaction. To your customer, it seems like the transaction happens instantaneously. But the reality is that once he or she clicks "submit" on the payments page of your website, that transaction leaves your online infrastructure and enters the payment ecosystem.
That ecosystem contains several steps, all of which need a green light before a payment confirmation message pops up on the screen. Knowing each step in the payment ecosystem will help you make important decisions about how you accept online payments for your business.
Payment ecosystem
Shopping Cart
In a retail environment, the transaction begins once your customer places items into your website's virtual shopping cart. The shopping cart is the user interface where your customers review their intended purchases, provide payment information, and complete the transaction resulting in your business making a sale. That transaction can be for a product or a service. It can also be the place where you accept online payments for bills or donations. Through your shopping cart, you can accept many different payment methods from your customers like credit and debit cards, digital wallets, or buy now, pay later (BNPL).
There are many shopping cart options for you to choose from. You can develop your own from scratch, or you can use an open-sourced platform or a pre-customized version with simple integrations and plugins.
Selecting the right shopping cart depends on many factors, including the size of your business, the team you have to develop and manage your online site, the needs of your customers, your marketing plan, and more. Scoping out your requirements to accept online payments will help you select the right fit from the get-go or help you upgrade to the best one that will scale with your business.
Payment gateway
Once your customers submit their payment in exchange for your product or service, their card details are collected by the payment gateway. At that point, the payment gateway authorizes the transaction following security compliance protocols and sends it to the payment processor. Businesses can build their own payment gateway, but more likely, they find a payments technology partner to handle the payment gateway and the following step as the payment processor for them.
Payment processor
The payment processor is a financial institution licensed as a member of a card association that maintains the merchant's account. When the payment processor gets the payment details from the payment gateway, it submits the transaction request to the relevant card network.
Card network
American Express, Visa, Mastercard, and Discover are examples of card networks. The role of the card network is to switch the request for payment from the payment processor to the appropriate card issuer so that they can validate the request for payment.
Issuer
The financial entity that issued the card—typically the customer's bank—will validate the card details corresponding to an account at that financial institution. It will also ensure that there are sufficient funds, or available credit, in the customer's account to complete the online purchase and that the card security information has been entered correctly before deciding whether or not to authorize the payment.
The decision of the card issuer is then communicated back through the ecosystem, flowing from network to payment processor to payment gateway and to the merchant website so that the result is displayed to your customer. If the transaction has been authorized successfully, the customer receives a purchase confirmation. If the transaction has not been authorized, the customer is notified and will have the option of trying to complete the purchase again.
Self-hosted versus fully hosted payment processing
When you're formulating your online payment strategy, you have a decision to make around whether you want to host payment processing yourself or outsource hosting to a third party.
In the self-hosted model, you take responsibility for managing the full scope of PCI compliance and go through an annual card security assessment. Depending on your size, you will also likely hire a Qualified Security Assessor (QSA) to validate that you're in PCI compliance.
In the fully hosted payment gateway model, you rely on an accredited third party to process payments for you. There are a couple of advantages to consider with this approach:
First, you shift much of the burden of card security compliance to your trusted third party, who will manage many of your processing needs and PCI compliance for you. Your payment processor is responsible for protecting the cardholder data in its possession. It's a good idea to validate that your payment processor is PCI compliant during your evaluation process.
Additionally, you can save a huge amount of time by focusing on what you do best, while your trusted payment processor handles what it does best. You'll gain confidence that you're achieving a higher level of payment acceptance with industry-leading best practices at work for you. For example, we use a variety of tools from our decades of experience, including fraud management and enhanced security measures like encryption and multi-use tokenization to ensure you get the green light at every step.
How to accept online payments securely
The next step to accepting online payments with confidence is offering your customers a safe and secure online buying experience. Instilling trust in your customers is the difference between making the sale and losing it forever. Nearly 20% of customers abandon their online shopping cart because of trust issues at checkout, according to a recent study by Baymard.
Here are a few ways to reassure customers and build credibility:
1. Get an SSL certificate
Secure Sockets Layer, commonly referred to as SSL, protects your checkout by encrypting your customer's personal transaction details. SSL is the industry standard used by millions of websites to protect their customers' online transactions. This means a lot to your customers who will be assured that their transactions are private. You can communicate that your business holds an SSL certificate with a lock symbol in the URL bar of the browser.
2. Display trusted and secure logos
After you've gone through the process of being able to accept various forms of payment from trusted financial brands like Visa, Mastercard, American Express, PayPal, and WeChat Pay, display their logos at your checkout and throughout your website to build credibility with your customers, which reassures them that their money is being handled with the proper care.
3. Show you're PCI compliant
PCI compliance is required of every business that takes credit cards as payment to sell goods or services. It's a designation that tells regulators you are properly handling and storing your customer's payment details safely and securely. The PCI-DSS was adopted by the card brands to safeguard the public against cardholder theft and fraud by requiring businesses like yours to meet minimum security levels when they store, process, and transmit cardholder data. Once you become PCI compliant, communicate it to your customers in the checkout process with the PCI-DSS trust logo.
Accepting online payments is more than simply standing up a shopping cart on your website and hoping that the money lands in your bank account. Now that you know the path of a transaction, what it means to be self-hosted or fully hosted, and how to sell online securely, you have learned how to accept online payments with a strategy that best aligns with your vision for your company.
Contact us to get started accepting online payments—quickly and easily. If you're already up and running, learn simple ways to increase your ecommerce sales.