As we all gear up to face the grim reality of the global coronavirus pandemic, businesses around the world are confronting the enormity of the challenges ahead of them. The need to minimize the risk faced by vulnerable public-facing employees is particularly important.
Thankfully, there are steps many businesses can take to reduce in-person contact. In this article, we’ll discuss ways your business can minimize such exposure by accepting remote payments — both online and over the phone.
Is Cash Still Safe To Handle?
Cash is an efficient means of germ transmission even in the best of times. A Swiss study from 2008 found that, in some circumstances, flu viruses can survive up to 17 days on the surface of cash. Considering the heightened dangers we currently face, preparing your business to accept cashless and card-not-present transactions has never been more crucial.
We understand that the nature of certain types of businesses will preclude the possibility of everyone doing this at scale, but there are ways to accept payments from your customers that don’t involve the exchange of cash or even a credit/debit card.
You Can Still Accept Payments From Customers Who Aren’t Present At Your Place Of Business
If you’re considering shutting down your office and switching your business to delivery-only, know that you can get paid without having to send out invoices. Thankfully, you can accept payments both online and, via a virtual terminal, over the phone. If you haven’t gone this route in the past, we’ll explain how it works.
Of course, accepting these kinds of payments presents security challenges along with logistical challenges.
Security Concerns For Card-Not-Present Transactions
When accepting payments remotely, you’re responsible for ensuring the security of your customers’ payment information. The key to achieving this is to make sure that your payment system is PCI-compliant.
Merchant Maverick does have a complete guide to PCI compliance — what it means and how to bring your business into compliance — but we’ll summarize the main points here.
PCI compliance refers to a set of standards established in 2006 to ensure the security of all customer payment information that is sent and received online
Some of the practices that will help ensure your business remains PCI compliant include:
Use only PCI-validated payment gateway software
Don’t store any sensitive cardholder data
Use a firewall on your network and computers
Never use default passwords
Check that your wireless router is password-protected and uses encryption
Check your terminals, PIN pads, and computers to ensure that no one has installed rogue software or “skimming” devices
Educate your employees about security and protecting cardholder data
If you don’t take the steps necessary to protect your customers’ credit card information properly, you could easily suffer a data breach that puts your customers’ finances at risk — a development which would not reflect well on your business and lead to a general loss of trust in your enterprise.
Again, please refer to our PCI compliance guide for more detailed information on how to maintain best practices and keep your customers’ payment data safe from hackers and other bad actors.
Accepting Over-The-Phone Payments
Businesses in certain industries are more likely than others to be familiar with the ins and outs of taking payments over the phone. For instance, restaurants often use POS systems that include a feature for taking orders remotely and processing remote payments. If you operate a restaurant, there’s a good chance that your POS provider offers capabilities that you may not have had reason to explore in the past. Contact your POS provider and ask about the availability of these features if you’re not sure.
Alternatively, many businesses may find that a virtual terminal is their best option for accepting payments over the phone. For those who don’t know, a virtual terminal is a means of accepting credit card payments without the credit card being physically present. They are typically web-based and involve you entering your customers’ credit card information into a secure web page for processing.
Many POS systems and virtual terminals have a vault feature that keeps your customers’ information stored on file for later use. This allows your customers to simply direct you to charge their card on file when making a purchase. Note that this is acceptable from a security standpoint because the information is not stored on your site or your devices. Instead, it is all encrypted and stored with the processor.
Here’s a good primer on card-not-present transactions.
Accepting Online Payments
Paying for goods and services online has become commonplace over the last few decades — although your business may not have experience with how it all works. In this section, we’re going to run through some common scenarios and let you know how to accept online payments in each instance.
Online Restaurant Orders
Most modern restaurant POS software will include online ordering and delivery functionality (along with payment processing, of course). If you have such a system and you haven’t taken advantage of these features yet, contact your POS provider and ask about how you can implement these features. And if you’re trying to sign up for a restaurant POS system, so you can accept payments online, ask the providers in question about payout times. A waiting period of around two days is fairly standard in the industry, though some processors offer faster payouts.
If you’re running a brick-and-mortar establishment and you’re setting up eCommerce for the first time, your existing credit card processor should be able to help you set up your online eCommerce system.
If you find that your current payment processor doesn’t allow you to do what you’d like with respect to online sales, you could always switch to a third-party processor, such as Square or PayPal. Establishing an account with the likes of Square and PayPal is incredibly easy and painless, so while this obviously isn’t an ideal time to go comparison shopping for a new payments provider, the option is there should you want to take advantage of it, and it shouldn’t take up too much of your time.
Invoices & Online Payment Forms
If you’re trying to further reduce the need for in-person exchanges of payment, you can use invoices and payment forms to send custom links to your customers that allow them to enter their credit card information remotely. This has the benefit of being both safer and faster/more efficient than the use of old-fashioned paper invoices and checks.
Here is an informational article that details the invoicing process.
Is Now Really The Time To Switch My Payment Setup?
Clearly, a global pandemic is not an ideal time for any business to be trying to switch up their payment processing system in order to save a few bucks. However, as the established ways of doing business are being upended at a dizzying pace, businesses everywhere will have to adapt in order to both remain viable and protect the health and safety of employees and customers alike. To that end, Merchant Maverick is here to help you adapt your business practices to our new shared reality.
Here is a link to our COVID-19 resource hubÂ — we are adding to our pandemic-related informational resources continuously. Additionally, you may want to read our piece on business interruption insurance.
Furthermore, you can read our Small Business Outbreak & Pandemic Guide: Coronavirus Edition for more on how your business can handle the COVID-19 pandemic.
The post Coronavirus Payments Guide: Everything You Need To Know About Switching To Online & Phone Payments appeared first on Merchant Maverick.
If you’re reading this, I’m going to take a wild shot in the dark and say that you probably have a PayPal account. As of the third quarter of 2019, PayPal has reported a total of 295 million active accounts worldwide. PayPal has become so embedded in people’s lives that many use their personal PayPal account to conduct business. However, by doing this, you give up the advantages that come with a free PayPal Business account.
We’re here today to explain why, if you’re a PayPal user doing business under your personal account, you should really sign up for a PayPal Business account and do business under that account instead.
Why Use PayPal For Business?
When you use PayPal for Business, you gain access to a plethora of services, both free and paid, that can be immensely helpful to any merchant making money from online sales. You’ll get three options for taking payments, two of which carry no monthly fees. You’ll get access to a plethora of eCommerce integrations, including Shopify, Magento, and BigCommerce. Offline merchants will get access to a number of POS integrations, as well as PayPal’s in-house mobile card reader and mPOS app, both of which are bundled together under the PayPal Here brand.
Other features available through PayPal include online invoicing, a Marketing Solutions package, a Virtual Terminal, a recurring billing service, and a lengthy list of developer tools. Of course, other payment processors sport similar tools, so is there truly any advantage to using PayPal for Business? PayPal itself would argue “yes,” and in favor of that argument,Â a recent study found that when a customer chooses PayPal as their payment method, they go on to complete the transaction 88.7% of the time — an average conversion rate 60% higher than that of other digital wallets and 82% higher than the average conversion rate of all other payment methods.
All things considered, a PayPal business account makes it simple and easy to send money back and forth. Whether you’re in the business of offering online subscription services, selling your wares at “meetspace” events like crafting shows and conventions, or even collecting donations for a nonprofit organization, PayPal for Business has plenty to offer.
Differences Between PayPal Personal & Business Accounts
Both personal and business PayPal accounts allow you to send and request money, make purchases, and even receive payments for sales you make — so long as you mark these sales as being for “Goods and services,” thus incurring transaction fees (and PayPal will check to make sure you’re not dodging transaction fees by mislabeling transactions). However, without a business account, you won’t have access to a host of commerce-facilitating features such as creating shipping methods, inventory tracking, allowing employees partial access to your account, and signing up for services like PayPal Here.
PayPal Business Account Requirements
The requirements to set up a PayPal business account are pretty minimal. You’ll need the following:
An email address
A business phone number
Your legal business name — your own name is fine if your business is a sole proprietorship
The last four digits of your SSN
Your Employer Identification Number (EIN) — if you choose individual/sole proprietorship as your business type, you don’t need to provide an EIN
Your date of birth
Your home address
Your bank name, account number, and routing number
This will be sufficient to start selling, but note that after you start actually accepting payments and making money, PayPal may request further documentation, such as bank statements. Third-party processors like PayPal and Square are notorious for their stringent scrutiny of merchants and their tendency to subject merchants to holds or terminations at the slightest hint of trouble. Just be ready to provide whatever information PayPal might ask for in the event that they detect something slightly suspect.
Check out our piece on avoiding account holds, freezes, and terminations to learn more.
How To Set Up Your PayPal Business Account
Start off by clicking on the “Sign Up” box in the top right corner of PayPal’s page. Note that if you are signed in to your personal PayPal account, PayPal will prompt you to either sign out of your current account and set up a separate business account under a different email address OR delete your current PayPal account and set up a business account using the email address previously associated with your old PayPal account. I assume most of you will want to choose the former option.
Next, you’ll be prompted to enter some information about your business. Enter the legal name of your business contact, the name and phone number of your business, and your business address.
Next, you’ll be asked to describe your business type. The options you’ll have to choose from are as follows: Individual/Sole Proprietorship, Partnership, Corporation, Nonprofit organization, or Government entity.
Next, you’ll be asked to further describe your business. You’ll be asked to choose the product or keyword that best describes your business, your estimated monthly sales, and your website (this one is optional), and you may also be offered the chance to receive a PayPal Business Debit Mastercard after you receive at least $250 in payments.
Now, if your business type is anything other than Individual/Sole Proprietorship, you’ll also be prompted to enter your Employer Identification Number (EIN). If you chose Individual/Sole Proprietorship as your business type, you won’t receive this prompt as you won’t have an EIN.
Next, you’ll be asked to supply some more personal information: the last four digits of your SSN, your date of birth, and your home address.
Once this step is complete, your PayPal business account will have been created. You’ll now be asked whether you want to request or send money and whether you want to send out an invoice (which will start the process of setting you up with PayPal Invoicing, a free service that allows you to create and send customized invoices)
After that, you’ll be prompted to select other PayPal services you may want to use. You can choose which online payment package you’d like to set up for online sales. If you’re in the business of offline sales, you’ll be offered the chance to set up a PayPal Here account. And if you want to sell goods through online marketplaces that PayPal integrates with, you’ll be offered the chance to connect to such a marketplace.
Keep in mind that you can always return to the set of signup options listed above by hovering over the “More” option on your PayPal toolbar at the top of the page and then selecting “Business setup.”
Let’s go back to setting up online payments for a moment. Click on “Set Up Online Payments” and you’ll be presented with the choice of processing all your payments through PayPal or adding PayPal as a supplementary way to get paid.
Depending on which option you select, you’ll then choose how you want to sell online. Choose “Process all payments through PayPal” and you’ll be offered two further options. With Option A, you work with an eCommerce solution that’s already integrated into PayPal. Option B lets you add HTML buttons to your website yourself. Below both options, you’ll see a “Compare options” link. Click it to see the following comparison:
Now, if you chose “Add PayPal Checkout as another way to get paid”, the two subsequent options will be different. Option A will be “I want a pre-built payment solution” while Option B will be “Use our APIs to add PayPal Checkout to your website.” Clicking “Compare options” will then display the following:
After you establish your payment setup, you’ll find an “Account setup” tab next to the “Payment setup” tab. Click on that to finish setting up your account.
From there, follow the links to confirm your email, link your debit card for Instant Transfers to your bank if you wish, link your bank account, make your business name clear for customers, and, should you so desire, get the PayPal Business Debit Mastercard.
Depending on the payment options you selected earlier, you’re going to need to choose between the three available payment packages for accepting payments online:
PayPal Checkout (formerly Express Checkout)
PayPal Payments Standard
PayPal Payments Pro
If you want to add PayPal as a supplementary payment option to your existing website or if you already integrate with an eCommerce provider, PayPal Checkout is a solid choice. You’ll get PCI compliance (PayPal redirects customers to its secure site to complete the transaction), contextual checkout buttons, and localized payment methods for European customers.
PayPal Payments Standard is a more fully-featured payment solution than PayPal Checkout. Payments Standard offers the same eCommerce integrations and PCI compliance offered by PayPal Checkout along with a healthy dollop of additional features. Here’s the full list of what you’ll get with Payments Standard:
Accept credit and debit cards (your buyers don’t need a PayPal account)
Accept PayPal payments
Send invoices online for fast payment
Accept payments in 25 currencies from 202 countries
Simplified PCI compliance
No long-term contracts, setup, withdrawal or cancellation fees
Nonprofit discount available for PayPal transactions
Toll-free phone support
Offer special financing on purchases $99 and up
Both PayPal Checkout and PayPal Payments Standard have the benefit of being free to sign up for with no monthly fees. PayPal Payments Pro, by contrast, costs $30/month to use. Let’s take a look at what you’ll get for the money:
Hosted Checkout page: With Payments Pro, you can keep your customers on your website throughout the entire checkout process and customize the design of your checkout page. If you want to provide your customers with the most seamless checkout experience possible, Payments Pro is the way to go. However, this means that you’ll have to take care of PCI compliance yourself.
Virtual Terminal: PayPal’s virtual terminal allows you to accept payments via phone, fax, or mail. Once you have your customer’s card number, you can key in those numbers from a browser window. It’s definitely a handy feature, and it always helps to be able to take payments by as many means as possible. However, competitors like Square and Shopify offer access to a virtual terminal without having to pay any monthly fee whatsoever.
Recurring Billing: If you’re in the business of selling subscriptions, Payments Pro offers recurring billing tools to power your sales. Unfortunately, recurring billing will cost you an additional $10/month. Oddly enough, PayPal Checkout offers recurring billing tools for no cost whatsoever.
Bear in mind that to implement many of the features on offer with a PayPal business account, you’ll need a developer to help you do the heavy lifting.
Another feature you can sign up for on PayPal’s website is PayPal Here, a suite of services that allows you to accept offline payments via a mobile POS app and a PayPal card reader of your choosing. You’ll find the PayPal Here page under the Tools drop-down menu in the toolbar on your PayPal dashboard.
The first thing you’ll need to do is sign up for PayPal Here. Once you’ve done that, download the PayPal Here mPOS app onto your mobile device. Next, sign in to the app and order your card reader. Of the three card readers currently available, the Mobile Card Reader and the Chip and Swipe reader are both free until June 30, 2020, for new PayPal Here account holders. Also available is the Chip and Tap Reader + Charging Stand combo which you can purchase from PayPal for $79.99.
For a full rundown of the features included in PayPal Here, read our PayPal Here review.
Are There Any Paypal Business Account Fees?
There are no fees incurred when you set up a PayPal business account. It’s completely free to have a PayPal business account (unless you sign up for the PayPal Payments Pro plan). Of course, free payment processing doesn’t exist, and PayPal is no exception. This means that payment processing fees will apply when you make a sale through PayPal. If you’re a US-based merchant, Here’s what you’ll be paying per transaction in the based on the nature of the transaction:
2.9% + $0.30 per online transaction
2.7% per swiped, dipped or tapped offline transaction (when you use PayPal Here or integrate with one of PayPalâs POS partners)
3.5 + $0.15 per keyed transaction
2.2% + $0.30 per online transaction for nonprofits (check out PayPal For Nonprofits to learn more)
5% + $0.05 per transaction under the MicroPayments plan
3.1% + $0.30 per Virtual Terminal transaction
Keep in mind that the Virtual Terminal is only available if you have a PayPal Payments Pro plan, which costs $30/month. Overall, PayPal’s fees are comparable to those of other third-party processors, though as I mentioned earlier, both Square and Shopify offer a virtual terminal without a monthly fee.
One recent policy change that has sellers chagrined is that when a transaction is refunded, PayPal will not return the processing fee to you. That means that if you refund a $100 online purchase to a customer, the processing fee won’t be returned to you and you’ll lose $3.20. This may not sound like that much, but if you’re issuing a significant number of refunds, these costs add up quickly. For more on refund policies in the payment processing industry, check out our article on credit card refund fees.
This article doesn’t cover every single fee associated with using PayPal. For more on the costs of such things as card readers for offline sales, conversion fees, chargeback fees, and more, our article on PayPal pricingÂ has the full story. And if you’re a seller outside the US, have a look at PayPal’s complete list of merchant fees, as the fixed portion of your transaction fees (when considering a 2.9% + $0.30 transaction fee, the 30 cents is the fixed part) will vary based on the currency you use.
The Bottom Line On PayPal For Business Accounts
We’ve established that if you’re going to use your PayPal account for business purposes, you really should get a PayPal business account. But how does PayPal stack up against competing payment processing solutions?
Overall, despite its shortcomings, PayPal is a solid option for merchants. With its relatively simple, transparent pricing and extensive eCommerce integrations, PayPal works particularly well as a starter option for new businesses and will scale with your business as it grows. What’s more, online sellers can always choose to use PayPal as a supplemental means of accepting payments. This isn’t the case with most of PayPal’s competitors.
PayPal has plenty to offer offline sellers as well — with PayPal’s in-house mPOS app along with its robust POS and accounting integrations, you’ll be able to take payments anywhere with ease. Read our full PayPal review for an even deeper look into what the payments giant has to offer your business.
That being said, PayPal obviously isn’t an ideal solution for everybody. If you’re not happy with PayPal’s business practices or if you’re in the process of comparison shopping, check out our article on PayPal alternatives. You may want to have a look at our merchant account comparison chart as well.
As always, if you’ve used — or are using — a PayPal business account to accept payments, we’d love to hear about it! Please drop us a comment!
The post Why You Need A PayPal Business Account If You Want To Take Payments Via PayPal appeared first on Merchant Maverick.
If you are looking to expand fundraising possibilities for your charity and are considering Square to process payments for your nonprofit, you may have a lot of questions. Fortunately, you’ve come to the right place; this post covers all the information you’ll need to make an educated decision. We’ll look at the costs, fees, and all of the features that wait for you behind the curtain of Square’s processing. Square constantly updates what they offer, so there’s a good chance that within the next year, Square will offer even more features for nonprofits. That’s not to say that Square isn’t already a viable option for charities to take paymentsâyou’ll find that from setting up a free online shop to engaging your donors throughout the year, Square provides all the tools you need to get going, with options to integrate or add features as you need them. Let’s get started!
How Do Nonprofits Benefit From Using Square?
One of the biggest reasons I have a sweet spot for Square is that they have competitively-priced processing rates, and your nonprofit organization won’t face any surprise fees or markups on the backend. In addition to a straightforward fee structure, Square offers a considerable amount of free software.
Not only that, Square is so easy to set up that you can get your account up and running to start taking donations, sell merchandise, and even set up your website all on the same day.
While Square for nonprofits offers a plethora of benefits, it’s not without some potential hiccups, however. In the world of payment processing, one merchant’s dream is another’s frustration, so let’s take a look at what Square has to offer and discover if this solution is right for you.
The Limitations Of Using Square for Nonprofits
It’s important to understand that Square isn’t a traditional merchant account provider. As a third-party processor, Square offers greater accessibility to a wider amount of businesses, but there’s inherently a bit more risk involved as far as account stability with this model. When a business or charity raises a red flag, sometimes it’s hard to make things right again.
One of the most important ways to avoid issues is to accurately disclose your type of business and ensure that you don’t sell anything on Square’s prohibited goods and services list that would throw you into the high-risk merchant category.
While representing a very small fraction of all Square’s accounts, the largest complaints against Square involve account freezes and terminations. No matter what processor you go with, you’re going to have this risk, however. That’s why we encourage all of our readers to learn how to reduce their risk of termination or funding freezes.Â
Beyond this, Square offers a lot of useful tools for a very low price, but it’s certainly not all-inclusive. When it comes to SaaS (Software as a Service) for a charity, you can find other options that cover the basics for next to nothing — and there are also more complex solutions that go as high as $15K for mid-sized charitable organizations and above. It really depends on what your organization needs in ancillary tools.
With that in mind, let’s take a look at what to expect with Square, and then look at how your charity can make the most of this low-cost option.
What Are Square’s Fees For Nonprofits?
As I mentioned before, what you see is what you get as far as payment processing costs. You won’t have any other additional monthly fees: no authorization fees, statement fees, refund fees or PCI compliance fees. You’ll also pay the same fee no matter what type of card your customer uses.
Be aware that accepting in-person payments versus web or invoice payments varies slightly, however.
Here are the Square fees for nonprofits:
2.6% + $0.10 for any tapped, dipped or swiped cards you take in person
Â 3.5% + $0.15 when you enter in a credit card number manually from the SquarePOS app, take payment in your Square Virtual Terminal, and process card-on-file transactions, including recurring invoices.
2.9% + $0.30Â for Square Invoices and eCommerce donations as these are both web-based transactions
You can also learn a bit more about Square’s Pricing in our article, How Much Does Square Charge?
Note that Square’s fees for nonprofit organizations are exactly the same fees that small businesses pay, and they’re designed for organizations that process less than $250,000 per year. Does your charity have higher projected donations coming in? Square may design a custom pricing package for charities and small businesses that process more than $250,000 per year in sales, but they consider that on a case-by-case basis rather than offering any sort of standard pricing for nonprofits.
Now that we’ve got the fees out of the way, let’s see what free goodies and other options await with Square for charities.
8 Ways Your Nonprofit Organization Can Make The Most Out Of Square
Square offers more than just payment processing for the nonprofit organization. Let’s take a look at the free tools Square offers that could support your charity in several ways.
1. Accept Donations Online
You have quite a few options to accept donations online with Square. The easiest option is to create a free Square site with ready-made templates that make it easy to build a simple web storefront. You can create a space that explains your mission and lets your donors contribute to the cause, or make a fully functional eCommerce store that allows you to sell things like t-shirts and other merchandise to support your organization and mission.
To start accepting donations, simply click Donations from your online dashboard and add the details. You can also allow custom donation amounts to let your donors give the amount of their choice, up to $1,000.
If you have multiple focuses for your nonprofit, you can create more than one campaign on your site. Just repeat the process in your dashboard from the donations area. That way if you want a focused fundraiser, you can do so while still maintaining the ability to accept general donations.
Below is an example of a storefront using Square’s free site template. You have a range of colors, but customization is limited. Also, take note that you do not have a custom domain with Square’s free site.
You can also upgrade the free site to a premium option through Weebly â it’s all easy to navigate and choose through your Square dashboard. This way you’ll get a custom domain and other bells and whistles that help you create a site you want for your cause.
If you already have a site, you can choose from one of the plugin integrations for Square at your Dashboard for a pretty easy setup.
If you’ve got some expertise when it comes to code (or have a developer on staff) you can build a branded checkout flow with Square Transactions API that allows you to accept digital wallets, too. Check out How To Accept Online Payments With Square for a full, in-depth explanation of each of these possibilities, and a few more (like in-app purchases).
2. Accept Donations In Person
Hoping people have cash on hand or the even more archaic option â a check â can really limit you. When you set up your Square account, you’ll get the free magstripe reader, but we strongly suggest that you opt for the Square Reader for contactless and chip. Square’s chip reader is the best way to protect yourself from chargebacks and give people more options (and convenience) to donate. That’s because chip readers better meet current security standards. The chip reader is competitively priced under $50.00. This little reader is an important tool to keep your costs down in the long run.
You have even more options in hardware, however. Whether you need something mobile or you need something a little sturdier for a kiosk or desk setup or both, you can find what you need to accept payments in person.
Want even more information on Square’s hardware options? Check out The Complete Beginner’s Guide to Choosing Square POS Credit Card Readers And Cash Register Bundles.
3. Take Donations And Orders Over The Phone
Like most point-of-sale software, Square comes with a virtual terminal right on your dashboard that allows you to take a payment over the phone or manually key in credit card data. What’s important to understand here is that a virtual terminal is really the only way to safely process credit card data. That’s because when you receive credit card information, security has to be considered during transmission and storage.
Jotting credit card information down a piece of paper or worse â keeping this information on a spreadsheet â is a big no-no. You’d be surprised to find out how many organizations store credit card data this way, but in the event of a breach, your business will face expensive fines (not to mention a huge PR issue).
Taking donations for your charity over the phone is really easy with Square. You simply enter in the credit card data on the form. Since the full credit card number isn’t visible once you key it in, you never have to worry about this information being vulnerable.
4. Recurring Donations
As a charity, there is probably nothing that feels better than an ongoing commitment from your supporters. These folks help you keep up your daily operations and allow you to plan for future growth.
Square makes setting up recurring donations super easy for your charity. Whether you’re on your mobile device or at your full Square dashboard on your PC, you can create what you need.
I’ve included the screenshot below so that you can how easy it is to set up and schedule your invoice for delivery on whatever recurring plan you want.
If you desire more consistent branding for your charity, you have some options. Check out the full post How To Use Square For Recurring Payments and Invoices for information on integrations or a pre-built workflow.
If you’re wondering about any additional cost regarding invoice scheduling for charitable donations, I have some good news: Setting up recurring donations for your charity doesn’t cost anything extra beyond the processing charge (3.5% + $0.15).
5. Sell Merchandise
Ready to sell merch at your event or want to offer online sales? As mentioned earlier, you have some options when it comes to setting up an online store via Square’s free store or upgrading for more space or design freedom.
Selling in person couldn’t be easier, either. Square’s free Point of Sale app works as a cash register or mobile app, so you can run a gift shop or merch table at a fundraiser. You can even accept payments for charity auction items right then and there (or send an invoice for payment after the event).
Whether you sell merch at an event, through your online store, or you take a phone order through your virtual terminal, Square syncs the sale at your dashboard so everything stays up to date. All your inventory is tracked across all your sales channels. When it’s time for a sale, you simply select the item from your inventory and you’re all set to make a sale. You’re also free to just enter in any amount and charge a card that way as well. After entering their email, your customer receives a digital receipt, and you now have their info.
You can also set up alerts at your dashboard to stay on top of dwindling t-shirts or other fundraising merchandise you offer. That way you can re-order supplies before stock drops to zero!
6. Manage Events And Registration
Planning an event for your charity can help you connect with both your supporters and those who become one. That’s why I’m glad to see that through Square, you can also find what you need to sell tickets for any event you have in the works. You’ll do this through your online store. You can set up your tickets for electronic delivery or you can print for shipping or in-person pickup options. Square gives step-by-step information on how to sell event tickets through their help center.
Square also has a partnership with Eventbrite so it’s that much easier to organize, manage your event, and sell your tickets.
The great thing about selling with Square is that your sales for tickets, merch, and donations all seamlessly sync to improve your record keeping. Whether you take a ticket at the door with your POS or sell a ticket online, everything stays up to date.
And that brings me to my next point: Square’s donation and sales tracking can improve your bookkeeping.
7. Track Your Income And Improve Your Bookkeeping
Square offers simple income tracking. You can download sales history, view deposits, and view everything that’s happening over a set period of time.
View income by categories like merchandise sales, donations, or ticket sales. You can also compare new givers with long-time supporters, as well as average donation size. While you’re not going to see more advanced reporting features with Square Analytics, we feel it delivers more than expected considering these features are completely free.
Need something more? One thing to note is that Square integrates with Quickbooks so you can sync sales data here and get the sales or expense reports you need all in one place. QuickBooks has some specialized accounting features for nonprofits, which can make it a must-have piece of software.
8. Collect Donor Information And Engage
You can export a list of your donations or the details about your donors from your online store at any time. All of this is accessed under Order Management right from your online dashboard.
As you collect donations, you can also manually enter any notes about your supporters. Because electronic receipts are delivered when your customer shares their email, you can also build a robust email list for future marketing.
Square has a few customer engagement features that are completely free. The emails that you collect during transactions are yours to add to a separate email campaign service, of course. You can also create, import, and manage all of your customer profiles within your Customer Directory, which you can then use to get more insights into your donors and plan future giving campaigns based on that information.
You don’t need to find a solution outside of Square for email marketing tools, however. Square Marketing gives you some pre-designed email templates with campaign suggestions and scheduling tools that help you create and manage your email list and marketing campaign. Square Marketing Starts at $15 / month. In the screenshot below, this particular campaign provides those on your list with a special offer. To the right, you can see that you have a selection of templates and themes to create something in line with your branding. Though it’s not fully customizable, you can add your logo, business name, and other images where desired.
Email remains one of the most cost-effective marketing tactics, so it’s nice to see that Square makes it easy to collect emails or opt for this relatively low-cost email marketing tool.
Is Square Right For Your Nonprofit?
Square remains a strong option for most nonprofits. You can start taking donations — and even have access to a few ways to grow — without having to spend any extra money right off the bat. However, for advanced reporting features, marketing, and other integrations you may need, you’re going to pay more each month. And in my mind, that’s okay. Square provides basic reporting features so you can gain insight into patterns of giving as well as set up multiple ways to give on your site and more ways to connect, and that’s all free.
While Square does not offer any special discounts for charities, the processing fees are competitive. And with all of the freebies, it’s a bit remarkable for a processor overall. Be aware that account stability issues exist, however, but they aren’t unique to other processors by any means. Be sure to review each section or check out our full Square Review so that you understand how to make the most of this option.
Not sure if Square is right for you (or already sure it isn’t)? Read Become A Hero & Save Your Charity Money With Discounted Credit Card Processing For Nonprofits or check out the Top 7 Square Alternatives.
Want to get started with Square and open an account? This step-by-step tutorial shows you how to set up an account, navigate your dashboard, start accepting donations or selling merchandise. Have any questions? We’d love to hear from you.
The post Square For Nonprofits: Everything You Need To Know About Seamlessly Accepting Donations, Running Events, & Selling Merch With Squareâs Platform appeared first on Merchant Maverick.
Itâs hard to overstate the significance of the impact that eCommerce has had on the quality of our lives here in the early 21st Century. While in the past, consumers were limited to the choices provided by their local retailers and the closest big-box store, today anyone with a computer, an internet connection, and a credit card can obtain nearly any product or service they want from just about anywhere in the world. Unfortunately, it also makes it much easier for criminals to steal goods and services if they have access to these same tools.
Online payment fraud is simply any false or illegal transaction committed via the internet. It deprives the victim of goods, services, funds, or sensitive information â often without them being aware that this has happened to them until much later. In many cases, there will actually be two victims: the consumer whose information was stolen, and you, the merchant. Online fraud can involve not only fraudulent transactions, but also lost or stolen merchandise, or falsified requests for a refund. Fraud can be committed through email, instant messaging, or online auction sites. It can also occur through text messaging or even phone calls.
One common misconception among small business owners that weâd like to clear up right now is that they arenât as lucrative a target for cybercriminals as the larger retailers, and therefore donât need to be as thorough in protecting themselves from fraudulent activity. Unfortunately, this âit will never happen to meâ attitude can make it far more likely that itwillhappen to you sooner or later.
The truth is that large businesses are a âhard target,â because they have the resources to fully defend themselves against fraud. Smaller companies lack these resources, and thus often present a much easier target to cyberthieves. A cybercriminal knows that he or she can make more money by exploiting several inadequately protected smaller businesses than by wasting time trying to break into a fully-defended larger business. Fortunately, there are many tools available to even the smallest companies that can dramatically lessen the likelihood that youâll become a victim of online fraud.
In this article, weâll discuss the various types of online payment fraud, whether itâs committed via credit card, debit card, eCheck/ACH, or any other payment method. Weâll also present some sobering statistics about the growth of online fraud in recent years. Weâll discuss the importance of having a strategy to deal with fraud, and describe the many âred flagsâ that can indicate a fraudulent payment. Finally, weâll explain the numerous tools available to you that will help to protect your business from fraud. While the risk of becoming a cybercrime victim can never be completely eliminated, the use of all of these tools can protect your business and dramatically reduce the chance that youâll experience a loss due to online payment fraud.
What Is Credit Card Fraud? Eight Types You Need To Beware Of
Credit cards are usually the easiest and most convenient way for consumers to pay for their online purchases, so itâs no surprise that the majority of incidences of online fraud involve credit cards. However, other payment methods (including debit cards, eCheck/ACH payments, etc.) are just as susceptible to being used fraudulently if the consumerâs account information is compromised. Hereâs a brief rundown of the eight most-commonly recognized types of online payment fraud:
Account Takeover Fraud (Phishing)
Youâve probably already heard of phishing (more formally known as account takeover fraud). This is when a hacker obtains a victimâs online account information and uses it to make a fraudulent purchase. Unfortunately, phishing attacks often work by convincing the victim to voluntarily disclose this information. While a hacker might not break into your credit card account directly, they can sometimes get into other accounts for major online shopping sites and gain access to your stored payment method information.
Card Testing Fraud
Sometimes thieves will âtestâ stolen credit card information by attempting to make a small, insignificant purchase. If the transaction is approved, they go on to make larger, more lucrative purchases with the valid card information. Sometimes thieves will file chargebacks on each of these purchases. At around $15-25 per chargeback investigation, this can quickly get very expensive for merchants, with the cost in chargeback fees vastly exceeding the value of the stolen merchandise.
Sometimes, a cybercriminal doesnât have to steal someone elseâs credit card information to commit fraud. With âfriendlyâ fraud, a thief will use their personal credit card to make a purchase, then file a chargeback, claiming that the goods were never delivered. They get the goods for free after the issuing bank refunds their money, and youâre out the cost of the products and a chargeback fee.
A common scheme is for a thief to order a pizza, then file a chargeback after itâs been delivered. In this case, the thief has literally eaten the evidence! Unfortunately, âfriendlyâ fraud is becoming more common as thieves have learned to take advantage of consumer-friendly policies in the processing industry. (And it’s not just thieves who commit friendly fraud — unhappy customers do too!)
Merchant Identity Fraud
Sometimes, the merchant is the criminal. Merchant identity fraud occurs when hackers present themselves as a legitimate business. They then solicit funds from unknowing victims or offer goods or services that are never delivered. While merchant services providers have gotten better at sniffing out this sort of activity, itâs still possible for a cybercriminal to sign up with a legitimate payment processing service and collect money from unknowing victims. If the hackers cannot be identified and held responsible, the merchant services provider will end up being held liable for the losses. This is one reason why a prospective merchant services provider will go to great lengths to investigate the nature of your business before approving you for an account.
Sometimes cyber thieves donât want a particular product â they just want cash. Buying something online with stolen credit card information and then returning it for a refund thatâs issued to the thief is an easy and increasingly popular way to score some quick cash at someone elseâs expense.
True fraud is more commonly known as identity theft, and itâs probably the form of online fraud that youâre most familiar with. This type of fraud involves the classic scenario where a hacker illegally obtains a victimâs online account information (i.e., username and password) or their credit card information, and then uses that information to make purchases. They get the goods, and the victim gets the bill. Because issuing banks have made it relatively easy for victims of this type of fraud to dispute transactions they didnât make, liability for the illicit purchase usually falls on you, the merchant.
This form of fraud is also known as âpagejacking.â Sophisticated hackers are able to redirect traffic from your website onto a similar site that theyâve set up, where theyâre able to obtain personal information or credit card data from unsuspecting customers.
Wire Transfer Fraud
This form of fraud involves the use of the banksâ wire transfer services for fraudulent purposes. A cybercriminal will pose as a legitimate business or government agency, then contact a victim and attempt to induce them to send money to a fraudulent address. These types of solicitations usually occur over the telephone, but can also occur online through email. Common scams of this nature typically involve telling the victim that they have won a large sum of money, but need to pay a âfeeâ to have it released.
The State Of eCommerce Fraud
Ever since eCommerce began in the 1990s, online fraud has been a problem. Online merchants can never have access to a customerâs physical credit or debit card, relying instead on account information such as card numbers, expiration dates, and CVV codes to authenticate transactions. While this information is sufficient to confirm the authenticity of an account, itâs never enough to firmly identify that the customer making the purchase is indeed the true owner of that account. Although many steps have been taken over the years to improve the security of online transactions, a 100% foolproof solution has yet to emerge.
In 2015, credit and debit cards with EMV (Eurocard, Mastercard, and Visa) or âchipâ technology were introduced in the United States. Although the transition from the older magstripe technology to EMV hasnât been very smooth, it has resulted in a dramatic decrease in card-present fraud due to the encryption features available with EMV. Retail credit card fraud rates dropped a whopping 82% between 2015 and 2018, and continue to be very low.
Unfortunately, the drop-off in card-present fraud has resulted in a dramatic increase in card-not-present fraud since EMV cards were introduced. Put simply, criminals whoâve been shut out of opportunities to commit retail fraud are now setting their sights on the lucrative (and still relatively vulnerable) eCommerce market instead. In 2016 alone, online fraud rates rose 33%. In 2017 and 2018, they rose an additional 30% per year.
According to LexisNexis, online fraud cost the eCommerce community 2.38% of total revenue in 2018 alone, and this rate continues to rise. Online fraud is expensive on both a per-transaction basis and as a percentage of total revenue. As of this year, the average online fraud incident costs a merchant $408 in lost goods or services. In comparison, the average legitimate online transaction is only $213. However, the cost of fraud far exceeds just the value of the stolen merchandise or services. On average, a merchant will suffer a loss of over $1100 per incident of fraud due to chargeback fees and other expenses incurred in fighting the chargeback.
Why Not Having A Strategy To Deal With Credit Card Fraud Could Put You Out Of Business
Itâs far too easy for merchants to stoically accept that an occasional fraudulent transaction is just part of the âcost of doing business.â However, the statistics above show that total losses due to fraud can far exceed the cost of the fraudulent transaction itself. Chargeback fees, expenses incurred in investigating and fighting the chargeback, lost shipping costs, and other expenses can add up to far more than just the amount of a fraudulent order.
As a merchant, you should also consider that a single incident of fraud can lead to further fraudulent transactions. Once a cybercriminal does a âtest runâ and determines that youâre relatively unprotected, you can and should anticipate that youâll be subject to many follow-on attempts to defraud your business. If you suffer a fraudulent transaction â even a very small one â itâs imperative that you identify the shortcoming in your security procedures that led to the incident and immediately take steps to strengthen your defenses before the cybercriminals try again.
Suffering from fraud can also lead to the loss of your merchant account, and with it the ability to accept credit and debit cards. Fraudulent transactions inevitably lead to chargebacks, and too many chargebacks over time may cause your provider to close your merchant account â often without prior warning. If this happens, you might be able to get a high-risk merchant account from a different provider, but these accounts are much more expensive than traditional low-risk accounts. If all of your sales are online, however, being without the capability to accept credit or debit cards for a significant length of time can quickly put you out of business altogether.
Six Red Flags That Can Signal Online Credit Card Fraud
Any online transaction can potentially be fraudulent, but some transactions should raise your suspicions more than others. Unusual transactions should be scrutinized more carefully than others before being approved and processed. While not constituting conclusive proof of fraud, the following âred flagsâ indicate a higher probability of fraud and should merit further investigation:
Different shipping and billing addresses. Obviously, there are any number of legitimate reasons why a customer would want to ship an order to a different address. However, fraudsters almost always ship orders to somewhere other than their victimâs billing address. Itâs in your best interest to verify the shipping address â just in case.
Multiple orders of the same item. Itâs not out of the ordinary for a customer to order multiple quantities of an item. However, if you see an order for an unusually large number of the same item from an individual customer (not a B2B order), you might want to check it out before you ship anything.
Abnormally large orders. If an order represents a much larger ticket size than what your business normally averages, you should probably confirm that itâs legitimate before processing the transaction and shipping the goods. This not only protects you from fraud, but might also save you from having your merchant account shut down or the transaction held by your processor due to the unusually large ticket size.
Multiple orders to the same shipping address with different payment cards. Again, we have to emphasize that there are plenty of legitimate reasons why a customer might want to do this instead of just putting all orders on the same card. However, itâs a hallmark of fraudulent activity and you should definitely make an inquiry with the customer before processing the orders.
Unexpected international orders. If your business normally only processes orders in your home country, a sudden order that needs to be shipped to a foreign country should get your attention and warrant further inquiry before approval. As weâll see below, some countries have significantly higher rates of online fraud than others.
Velocity attacks. A velocity attack occurs when a hacker makes multiple attempts to run different credit card numbers in rapid succession. Often using bots, the idea is to keep trying until a number is found that works. While this is obviously fraudulent, a customer whoâs having a hard time typing in their credit card number correctly can resemble a velocity attack.
How To Prevent Credit Card Fraud: 19 Tools For Detecting & Preventing Fraudulent Transactions
If the above information has you convinced that thereâs nothing you can do to prevent online fraud from impacting your business, donât worry. There are plenty of tools â both manual and automatic â that can flag suspicious transactions for you and lower the risk of a fraudulent transaction slipping through. While itâs not possible to ensure 100% total protection, using all of the tools described below will give you the best level of protection available today. Be aware, however, that this list is not inclusive. Processors are continually working to develop new anti-fraud tools, and your provider might have other services available to help secure your account than just the ones listed below.
Use a verified merchant services provider. Although all providers claim to offer a complete suite of automated tools and features to protect against fraud, some are more effective than others. Look for good reviews (like ours!) and watch out for complaints from other merchants regarding poor account security. Youâll also want to determine whether a prospective provider offers anti-fraud tools as a standard account feature, or if theyâre only available as an optional add-on. While itâs definitely worth paying a little extra for additional security, we generally prefer to see providers offer fraud protection without charging extra for it.
Use manual (human) screening. Both you and your employees should understand how to spot suspicious buying activity that raises one of the âred flagsâ weâve discussed above. In most cases, itâs a better idea to contact the customer directly to verify the order, rather than blocking it automatically and potentially alienating a legitimate shopper.
Use the Address Verification Service (AVS). An AVS mismatch is a strong indicator that the order is fraudulent, as a hacker using stolen payment information is unlikely to know the actual card ownerâs physical address. Most merchant services providers mandate the use of AVS for all eCommerce transactions, so this tool is already part of your merchant account.
Confirm the buyerâs location. Geolocation and IP address verification tools can confirm with reasonable certainty that the customerâs IP address matches the billing and shipping addresses provided. This method of detecting fraud will not be 100% effective if a legitimate customer is placing an order while traveling, but can often catch suspicious transactions in most other circumstances. Unfortunately, some countries have significantly higher rates of online fraud than others. The âusual suspectsâ include countries such as Russia, Nigeria, Pakistan, and Indonesia. However, other countries such as Romania, Bulgaria, and even Israel also have high rates of online fraud. Note that âproxy piercingâ technology provides some defense against hackers who intentionally mask their IP address using tools available on the Dark Web.
Use CVV (and CVC) checks. Card Verification Values (CVV) and Card Verification Codes (CVC) are three- or four-digit codes that are printed on the back of all credit and debit cards. Whenever possible, youâll want to obtain and match the cardholderâs code against the value submitted with an order. Unless the card in question has been physically stolen, itâs unlikely that a hacker will have access to this information. As with AVS, many merchant services providers will require the use of CVV/CVC checks before accepting any online transaction.
Use Verified by Visa and 3D Secure. These anti-fraud tools allow customers to create a unique Personal Identification Number (PIN) to authenticate their identity when placing an online order. For more information on these two programs, see our article, What Are Verified By Visa And 3D Secure?.
Use device fingerprinting. Device fingerprinting looks at a computer deviceâs operating system, unique device identification number, and other available information to see if that device has been used to make fraudulent transactions in the past. Device fingerprinting tools are usually available via third-party providers, such as ThreatMatrix.
Use tokenization and encryption. These security measures are now standard features of most modern payment gateways. Both methods protect your customersâ credit card data from being stolen during a legitimate online transaction. The use of tokenization and encryption is an essential step in keeping your merchant account PCI compliant.
Use velocity attack protection tools. As weâve noted above, velocity attacks involve repeated attempts to place an order with different credit card numbers, often with the use of a bot. These types of attacks can be detected and blocked by IP address using payment gateway security tools.
Use biometric identity verification tools. As you might imagine, biometric tools, such as fingerprint readers, are not ordinarily available to eCommerce merchants. However, they can be set up if you allow users to pay on your site using digital wallets, such as Apple Pay on the Web or Google Pay. In this case, the userâs device becomes the biometric tool, using a built-in fingerprint reader or Face ID technology to authenticate the consumerâs identity.
Set flexible refund policies. Buyers are more likely to file a chargeback if they canât return an item due to an overly strict refund policy (i.e., the allowed refund window is too short). You can cut down on âfriendlyâ fraud by giving your legitimate customers a reasonable amount of time to complete a return.
Emphasize order fulfillment. Ensure that all orders ship promptly and verify that theyâve been delivered. Delivery tracking can provide proof that the goods were delivered and received, helping to protect against âfriendlyâ fraud.
Ensure high-quality customer service. Quite frankly, offering poor customer service will increase your risk of fraud as customers become frustrated with doing business with you. Strive to provide the best possible customer service during business hours, and, if you have the resources, offer 24/7 customer service via both telephone and email. After-hours customer service can be outsourced (just in case you like to be able to sleep at night).
Provide high-quality employee training. Employee training goes hand-in-hand with manually screening all orders (see above). You must ensure that all employees who handle orders are adequately trained to spot signs of fraud and know what to do if they see something suspicious. This training needs to be an ongoing process, with frequent refreshers to remind employees of what to look for and to update them on the latest developments in anti-fraud procedures.
Ensure that your merchant account is PCI-compliant. This one is not optional. You must maintain PCI compliance standards to safeguard your customersâ credit card data. Being out of compliance will increase the risk of a data breach, which in turn will result in more incidents of fraud as hackers exploit the data theyâve stolen. Even if you donât suffer a data breach, your merchant account provider will penalize you with a PCI non-compliance fee (on top of whatever theyâre charging you for PCI compliance) for every month that your account is out of compliance. Note that following the proper PCI compliance steps will not completely eliminate the chance of a fraudulent transaction. However, it serves as a strong defense when an incident occurs. The most critical steps in PCI compliance include configuring and using a firewall to secure your website, performing frequent antivirus scans, following good password security measures, and using SSL certificates (i.e., âhttps:â) for your site.
Analyze actual incidents of fraud. If you experience an actual fraudulent transaction, youâll want to go back and determine how it happened and what you can do to make it less likely that it will happen again in the future. If you uncover any weaknesses in your defenses, youâll obviously want to make some changes.
Practice good chargeback mitigation strategies. Chargebacks and fraud are two separate subjects, but they tend to go hand-in-hand in many cases. Youâll want to implement the commonly recognized best practices to prevent chargebacks and successfully defend against them. See our article, The Complete Guide To Preventing And Winning Chargebacks, for more information.
Upgrade to the latest in payment technology. If your business also makes retail sales, youâll want to use EMV-compliant equipment exclusively for accepting credit and debit cards. EMV has been the default standard in the United States for card-present transactions, although there are still many businesses that havenât adopted it and are putting themselves at risk for fraud. NFC payment methods (such as Apple Pay and Google Pay) should also be added, if you havenât done so already. NFC is more convenient for consumers and even more secure than either magstripe or EMV payment methods.
Use multiple fraud detection tools. Itâs essential that you donât rely exclusively on any one tool weâve discussed above. Instead, use a layered approach that incorporates firewalls, good password security measures, use of AVS, and CVV/CVC checks to protect your business. Automated fraud scoring tools, such as IP geolocation, AVS, CVV, and device fingerprinting tools can be used together to determine a fraud probability score. You can then set your payment gateway to automatically flag or decline transactions that score high enough to raise a reasonable suspicion of being fraudulent. Also, be sure to re-screen orders that are modified by the customer after being placed, but before the goods have been shipped. At the same time, donât be too trigger-happy when it comes to blocking transactions. Frequently screening out legitimate transactions will frustrate your customers and cost you their business. In an era where anyone can post their opinion of a business online, this could really hurt you in the long run.
The Final Word On Credit Card Fraud Detection
As youâve probably gathered from all the information weâve presented so far, payment fraud is a real and growing threat to your online business. While itâs not possible at this time to build a completely foolproof defense against it, you can minimize your chances of letting a fraudulent transaction slip through by following common-sense practices and implementing the anti-fraud tools weâve discussed above.
Protecting your business from fraud is an ongoing process, as fraudsters are constantly finding new ways to get around the latest anti-fraud measures. They arenât going to give up just because one particular avenue of attack has closed on them, and neither should you. Securing your account is a never-ending effort that will require coordination between you, your employees, and your merchant account provider.
Many of the tools weâve discussed above can be implemented by you as the business owner without the help of other parties. At the same time, a lot of the newer anti-fraud measures available today will require installation and configuration by your merchant services provider or gateway provider.
One thing weâve noted over the course of reviewing dozens of merchant services providers is that they all take payment security and anti-fraud measures very seriously. This includes even the worst providers on the market (of which there are quite a few). The difference is that a low-quality provider will often offer you only the most basic anti-fraud tools, and theyâll usually charge you extra for them. Protecting your account from fraud is extremely important, but you shouldn’t have to pay an unreasonable amount of money for anti-fraud tools â especially when other providers include the same tools as a standard feature with your account.
In evaluating a potential merchant services provider, look carefully at what types of anti-fraud tools they offer, and whether these come with your account. The best providers will include a full range of essential anti-fraud tools with your account, although more specialized services might be offered as an optional add-on for a reasonable fee. Paying a little extra to secure your account against payment fraud is a worthwhile investment, especially considering the potential costs of suffering a data breach or a fraudulent transaction that slips through your defenses. For some recommendations of great merchant services providers that specialize in serving the eCommerce community, check out our article, The Best Online Credit Card Payment Processing Companies.
The post How To Detect (And Prevent) Online Credit Card Fraud â And Why You Need A Solid Strategy To Manage Fraud For Your eCommerce Business To Succeed appeared first on Merchant Maverick.
So, youâre all set to launch your new business and make your fortune (well, hopefully). You realize that it would be nice if your customers could pay you using their credit and debit cards. Okay, âniceâ isnât nearly a strong enough word to describe how desirable this option is. In todayâs increasingly cashless society, itâs flat-out essential for most businesses to be able to accept credit cards. Without that ability, retail companies will lose out on sales, and eCommerce businesses will have a hard time making any sales at all.
You realize that youâre going to need a merchant account to process your credit and debit card transactions. But where do you find one? Every provider you talk to wants a ton of information about your business, tells you that they have the lowest rates (without mentioning what they are), and tries to pressure you into signing a lengthy contract before youâve even had a chance to read it. Then you hear about Square (see our review). No lengthy contracts. No endless forms to fill out. No monthly fees. Rates that are published right on their website. What kind of black magic is this? It all seems too good to be true.
Square â and other companies like it â are what are known as third-party processors. Rather than giving you your own merchant account, they oversee a giant merchant account thatâs shared by all their users. In this article, weâll explain how third-party processors work and how they differ from traditional merchant account providers. Weâll also explain the advantages and disadvantages of using a third-party processor rather than signing up for a full-service merchant account. Finally, weâll give you some examples of popular third-party processors that are helping businesses just like yours every day.
How Third-Party Payment Processing Works
First, letâs discuss nomenclature for a moment. The credit card processing industry is notorious for using different, non-standardized terminology to describe the various entities youâll encounter when you set up a merchant account for your business. While there often isnât a single, âcorrectâ term that must be used, youâll find certain terms are more commonly used than others.
The most broadly-defined term you need to know is merchant services provider. This is any business entity that can help you process credit or debit card transactions â regardless of how they do it. Breaking this down a little more, there are two types of merchant services providers:
Merchant Account Providers (MAPs):Â These companies will set you up with a traditional, full-service merchant account. Your account will include a unique merchant identification number that identifies your business to the payment processing networks. There are dozens â if not hundreds â of merchant account providers on the market, many of whom are resellers for a small group of very large direct processors. Examples include Payment Depot and Fattmerchant.
Read our Review
Payment Service Providers (PSPs):Â These companies provide you with the ability to accept credit and debit card payments, but donât offer a true merchant account with a unique merchant identification number. Instead, your account will be aggregated with that of other businesses using their service. Although there are relatively few PSPs in the industry, theyâve garnered a large share of the processing market in recent years by offering a low-cost solution to small business owners. Examples include Square, PayPal, and Stripe Payments.
Read our Review
While the term merchant account provider is very commonly used, things get a little fuzzy when it comes to payment service providers (PSPs). Although both Visa and Mastercard officially use the term payment service provider, youâll also commonly hear them called third-party processors, aggregators, and even payment facilitators. You just need to understand that all these terms refer to the same thing: a company that can allow you to process credit and debit card transactions without the need for a full-service merchant account. For a more in-depth look at payment service providers and how they operate, check out our article, What Is A Payment Service Provider?.
Third-Party Processors VS Merchant Accounts
Before you decide that a third-party processor is a good choice for your business, you need to understand how they differ from traditional merchant account providers. Hereâs a rundown of the main differences youâll encounter between these two types of business entities:
Simplified Underwriting: Traditional merchant account providers need to collect an extensive amount of information about your business before they can approve you for an account. This process can take several days â or even weeks. Third-party processors already have an aggregated merchant account that you can be added to, so they donât need nearly as much information upfront. They can usually approve you in fewer than 24 hours, and in many cases, the application process can be completed entirely online. For this reason, third-party processors are often a great choice for new businesses that donât have an established processing history yet.
Account Stability:Â The downside to quick and easy approval is that itâs just as easy for your account to be shut down. Square, in particular, has a bad reputation when it comes to account stability. Account holds, freezes, and terminations can happen unexpectedly for a number of reasons. Perhaps the most common cause is when a business attempts to process a single transaction thatâs much larger than what theyâve averaged previously. Similarly, Square will shut you down quickly if they determine that youâre a high-risk merchant.
No Long-Term Contracts: While your relationship with your processor will always be governed by a contract of some type, Square and other third-party processors don’t require you to keep your account open for a specified length of time. Merchant account providers, in contrast, frequently require you to accept a long-term contract (typically for three years) with an automatic renewal clause that extends your contract for one-year periods and an early termination fee (ETF) that youâll have to pay if you break your contract by closing your account early. While these provisions are more or less the industry standard, theyâre very unpopular with merchants. As a result, there is a growing number of merchant account providers who have ditched the long-term contracts and allow you to maintain your account on a month-to-month basis.
Pay-As-You-Go Billing:Â Unlike merchant account providers, who typically charge a number of monthly and annual fees in addition to your processing charges, third-party providers usually only charge you for the cost of processing your transactions. You usually wonât have to pay a monthly account fee, an annual fee, PCI compliance fees, or gateway fees. The tradeoff is that your processing rates will usually be significantly higher overall than what youâd pay under an interchange-plus pricing plan offered by a traditional merchant account provider.
Simplified Processing Rates: Most third-party processors offer simplified,Â flat-rate pricing for processing your transactions. Everyone pays the same rates, and theyâre published right on the providerâs website. This makes it much easier to know in advance what your overall costs will be so that you wonât get hit with any sudden surprises on your monthly billing statement. However, you should be aware that flat-rate pricing rates are notably higher than most interchange-plus rates, particularly for PIN debit transactions. At higher monthly processing volumes, this can actually make using a third-party processor more expensive than a traditional merchant account.
Customer Service Options:Â Third-party processors arenât known for offering a full range of ways to contact customer service. Instead, youâll often find yourself rummaging through an FAQ on their website or trying to contact them via email. This situation is gradually getting better, with some third-party processors now offering telephone-based customer support where you can talk to an actual human being.
As weâve noted previously, both third-party processors (or payment service providers) and traditional merchant account providers fall under the term âmerchant services providers,â as theyâre both able to process your transactions and deliver the funds from those transactions to you. However, itâs essential to consider the differences between these two types of entities and to understand how those differences could affect your particular business.
Can I Really Accept Credit Card Payments Without A Merchant Account?
The upshot of the above discussion is that, yes, you can take credit and debit cards without having to sign up for a full-service merchant account. Third-party processors such as Square or PayPal give you the ability to process these types of transactions without the expense and paperwork of setting up a merchant account. For a new business thatâs just getting off the ground, this can be a great option. Youâll save money on fees, and youâll be able to start taking credit card payments much quicker than if you had to go through the full underwriting process that getting a merchant account requires.
However â and we canât emphasize this point enough â third-party processors are not the best choice for every business. Both third-party processors and full-service merchant accounts have their good and bad points, and you need to understand them and determine how they affect your business before deciding on which type of payment processor to use. Below, weâll discuss the advantages and disadvantages of third-party processors, and how you can evaluate which kind of processor is right for your business.
Advantages of Third-Party Payment Processing
Hereâs a look at the benefits of using a third-party processor for your business:
Quick Setup:Â Square and other third-party processors allow you to sign up for an account online, and youâll usually be approved in little or no time. Just download the Square app and log in, and you can start accepting cards instantly. (Note that youâll need to wait for your card reader to arrive in the mail before you can accept card-present transactions.) This feature is in marked contrast to the underwriting procedure that a merchant account requires, which can take days or even weeks to complete. The flip side is that your account wonât be as stable as a true merchant account, and youâll have to be very careful to avoid any account holds, freezes, or terminations.
Technology-Driven Platforms: In our experience, there is a fundamental cultural rift between third-party processors and traditional merchant account providers. Third-party processors tend to be established and run by people with computer science degrees and deep tech backgrounds. Merchant account providers, however, are usually run by bankers with business degrees who arenât really experts in modern computer technology. While they offer most of the same software products (such as payment gateways, virtual terminals, etc.) as third-party processors, they often rely on outside contractors to develop them, as they donât have the same level of in-house expertise that youâd find with a third-party processor. This rift is slowly closing, but for now, youâll still find that third-party processors offer products that are more automated, more integrated into cloud-based platforms, and more feature-rich than what most merchant account providers can give you.
Low (Or No) Initial Setup Costs:Â If you just need a payment gateway or a magstripe-only card reader for your smartphone, account setup with Square is essentially free. Although we highly encourage you to part with a few dollars and purchase the companyâs EMV card reader, this cost is still a fraction of what youâll pay to get started with a full-service merchant account. Application fees, account setup fees, and paying for a credit card terminal can all add up to hundreds of dollars, depending on the provider. Fortunately, competition from third-party processors is forcing merchant account providers to lower (or even eliminate) many of the costs associated with establishing a merchant account.
No Monthly Fees:Â Perhaps the most attractive feature of third-party processors to small business owners is that they (usually) donât charge any monthly fees to maintain your account. Monthly account fees, statement fees, PCI compliance fees, and annual fees are all eliminated. You also wonât have a monthly minimum hanging over your head every month. This makes third-party processors particularly affordable to very small businesses that donât have a high monthly processing volume. Also, seasonal companies wonât have to worry about being charged during the months when theyâre not operating at all.
Predictable Flat-Rate Pricing:Â Itâs nice to know in advance what it will cost you to process a transaction, and third-party processors make this easy to do with their simple flat-rate pricing plans. With this type of pricing, you can also more accurately estimate your monthly processing costs, meaning that you shouldnât have any unpleasant surprises waiting for you on your monthly processing statement.
No Long-Term Contracts:Â Third-party processors only charge you for actually using your account, and you wonât be locked into a lengthy contract. You also wonât have to worry about getting hit with an early termination fee if you close your account. Note that an increasing number of traditional merchant account providers are now beginning to offer this feature as well, so you donât necessarily have to sign up with a third-party processor to avoid getting locked into a long-term contract anymore.
Free Hardware: When Square first launched in 2009, one of its most attractive features was that each account came with a free magstripe card reader that plugged into your smartphone or tablet. Together with the Square app (also free), you could log in and start accepting credit card payments right away. In contrast, most merchant account providers at the time would either sell you a credit card terminal for a few hundred dollars or sign you up for an expensive terminal lease that would ultimately cost you even more. While Squareâs magstripe reader is still free, itâs also obsolete. We highly recommend purchasing the companyâs EMV-capable reader, which costs far less than a standalone terminal.
Disadvantages of Third-Party Payment Processing
Okay, if third-party processors are so great, why isnât everyone using them? Why are full-service merchant account providers still in business? The answer, of course, is that third-party processors also come with some significant limitations that make them a poor choice for a lot of businesses. Before you rush out to sign up for your âfreeâ third-party account, consider some of the following disadvantages:
Account Stability Issues:Â Not having to go through the complete underwriting process makes it quicker and easier to get up and running, but it also means that your account isnât as secure as an individual merchant account. While having a full-service merchant account doesnât provide complete protection from account holds, freezes, and terminations, it does make them much less likely. Consider the potential impact of an account freeze on your business before you sign up with a third-party processor. In our experience, these unfortunate incidents usually occur because either (1) the merchant attempted to process a much larger transaction than their average ticket size, or (2) the processor discovered that the merchant was selling something thatâs expressly prohibited by their user agreement. This includes most high-risk businesses, including CBD merchants.
No Specified Processing Limits:Â With a full-service merchant account provider, youâll be required to stay within maximum monthly processing limits and maximum transaction sizes. Third-party processors, unfortunately, tend not to specify what these limits are in advance. Youâll only find out that youâve gone over a limit when you actually exceed it and suddenly have your account shut down. While the majority of merchants using third-party processors never experience this problem, itâs still important to consider it before you sign up.
Limited Acceptance For Specialized Cards:Â Third-party processors generally donât allow you to accept specialized cards such as SNAP/EBT cards or government-issued credit cards. Debit cards are generally accepted, but youâll pay much higher processing rates than you would under an interchange-plus pricing plan offered by a traditional merchant account provider.
Limited Hardware/Software Options:Â With so many credit card terminals, POS systems, payment gateways, and online shopping carts on the market, traditional merchant account providers go to great lengths to ensure that their accounts are compatible with as many of these products as possible. With a third-party processor, youâll usually be limited to using just the hardware and software products that your processor offers â and these are often pretty generic. This might not be much of an issue for a small business owner, but as your business grows, youâll eventually want to add many of the bells and whistles that are available with a full-service merchant account provider.
Expensive Flat-Rate Pricing:Â Wait a minute. Didnât we just say that third-party processors were less costly than full-service merchant accounts? Well, thatâs only true in some circumstances. For a very small business owner, youâll usually save money with a third-party processor because you wonât have to pay all the extra monthly and annual fees that come with a full-service merchant account. However, flat-rate pricing is significantly more expensive than interchange-plus pricing, at least on a per-transaction basis. Debit card transactions, in particular, are dirt cheap under interchange-plus pricing. With a flat-rate pricing plan, however, youâll pay the same high rates for debit cards as you will for credit cards. Youâll want to carefully analyze your overall costs under each type of pricing before deciding which option is best for your business.
Limited Customer Service Options: Square â like many other third-party processors â is notorious for offering limited options for customer support. For a long time, Square didnât even have a phone number that you could call for help! Customer support was often limited to email, which was slow and required a lot of back-and-forth messages to resolve an issue. Merchant account providers, however, usually offer 24/7 telephone support. Unfortunately, the quality of that support can vary widely from one provider to another.
Is Third-Party Payment Processing Right For Me?
By now, it should be quite clear that the choice between a third-party processor and a traditional merchant account will depend on the nature and size of your business. There isnât a single provider on the market that offers a true âone size fits allâ service thatâs suitable for every business. Third-party processors are usually a great choice for very small or seasonal businesses that donât process a lot of credit card transactions, donât have a high monthly processing volume, and donât need any of the fancier bells and whistles that are available with a merchant account.
Ultimately, your overall processing costs will determine whether you should sign up with a third-party processor or go all-in with your own merchant account. Whichever option meets your needs for the lowest cost will, naturally, be the best choice. Unfortunately, it isnât always easy to accurately determine which option will save you the most money. As a very general rule, we usually recommend third-party processors to small businesses and merchants who are just starting out. In contrast, larger, more established businesses will usually save money with a traditional merchant account.
Typically, the single most important factor in making this determination is your monthly processing volume. Unfortunately, there are so many variables involved that we canât provide a specific amount where it makes sense to upgrade to a full-service merchant account. Weâve seen figures from vendors ranging from as low as $1,500 per month to as high as $10,000 per month. The important thing to understand is that this number is highly variable and unique to your business. Youâll have to compare quotes from several merchant account providers and compare them against what youâre currently paying to figure out whoâs offering the best deal. To make this process as simple and accurate as possible, we recommend our Merchant Account Cost Analysis Workbook, which includes spreadsheets to help you automatically compare rate quotes.
Lastly, choosing between a third-party processor and a merchant account isnât entirely a matter of dollars and cents. Sometimes, itâs worth paying a little extra for things like better customer support or more fully featured software. While costs are always going to be important, we recommend that you consider the overall value you receive in choosing a provider. Good luck!
The post The Truth About Third-Party Payment Processing appeared first on Merchant Maverick.
It’s hard to beat the convenience of selling products over the internet.Â Not only do you not have to worry about paying the overhead costs of a brick and mortar store (unless you want to), but you can sell to customers that live far from your local market.
If your experience taking electronic payments has been limited to swapping cash with friends via Venmo, you’ve probably got a lot of questions about how to get started. In truth, it’s probably both more and less complicated than you think.
So let’s dive in and try to teach you everything you need to know about eCommerce payments.
1. There’s No One-Size-Fits-All Solution
First, some disappointing news. There isn’t one single “correct” way to handle eCommerce. The right payment processing solution will depend upon a number of factors. Take a business website, for example. Do you currently have one that you’d like to start selling products through? Or are you content to use a premade shopping cart template? If you’re a relatively technical person, you can integrate solutions into your site with software APIs or plugins. If you’re not, you’ll probably want to consider a service that provides that functionality upfront. While you can potentially save money doing it yourself, you’ll need to make sure that you’re keeping your customer’s information secure and reducing your own liability.
You’ll also want to consider the nature of the payments you’ll be accepting. Are your customers just buying a product one-off, or are they subscribing to a service that will require recurring monthly payments?
And of course, you’ll need to take stock of your budget and figure out how much you’re willing and able to spend on payment processing and any additional software services.
2. You Need A Payment Processor And A Gateway
A common point of confusion for people new to eCommerce is that there are actually two components to taking payments online. You need both a payment processor and a gateway. These services may be offered together as a package (PayPal, Square, and Stripe, for example) or separately. If you do end up going with a payment processor that doesn’t include gateway access, you’ll need to get it from a separate service like Authorize.net.
A payment processorprovides an account that allows your business to accept credit cards and receive credit card payments. It’s also used to deduct fees and processing charges associated with the transaction. After the payment gateway successfully processes a transaction, your payment processor receives the information.
AÂ payment gatewayÂ stands in for what would be your point of sale (POS) interface in a brick-and-mortar transaction. It allows you to securely process payments online by relaying the transaction information from your site to the processor, which then requests the payment from the customer’s bank before releasing funds to you. A payment gateway is also responsible for most of the security features associated with online payments as well as offering services like recurring payments and a credit card vault.
Types Of Payment Processors
Because nothing is ever simple in the world of payment processing, you won’t just need to think about getting a payment processor, but what type of payment processor you need.
The safest option is to go with the tried-and-true merchant account. Think of your merchant account as a holding area where all the busy work of receiving a credit card payment happens. Unlike, say, a business checking account, you don’t have direct access to your merchant account or the ability to directly make deposits and withdrawals to it. Instead, it automatically transfers payments to your business bank account, typically a day or two after receiving the transaction.
Merchant accounts are generally stable and you’re unlike to encounter holds, freezes, or terminations unless you have a sudden spike in chargebacks. Because of the underwriting process, merchant accounts are somewhat slow to establish–you’re probably looking at three days or so to get it up and running, though if you are negotiating or your business is particularly complex, it could take longer. The biggest drawback is that they often have minimum credit card transaction thresholds you have to meet; $5,000/month is typical but some expect you to handle at least $10,000/month in credit card sales. Pricing models with merchant accounts vary, and not all of them are great. We recommend interchange-plus pricing because it’s the most transparent and easiest to compare.
So what do you do if your new business isn’t doing that kind of sales volume?
You can turn to a third-party processor (aka payment services provider). Instead of having your own, unique merchant account, a third-party processor puts you in a pooled account with other merchants, from which fees are deducted in a similar manner to the merchant account. Signing up for a third-party processor is typically faster and easier than for a merchant account (you can start accepting payments the same day), but puts you at greater risk of account holds and terminations. Still, they provide an entry point for new businesses, or established ones that want more predictable pricing. Most third-party processors use a flat-rate pricing model where you’ll pay the same fee regardless of the card type; for eCommerce, that rate is commonly 2.9% + $0.30.
3. You Can Accept More Than Just Credit Card Payments
While credit and debit cards will probably make up the bulk of your eCommerce transactions, they aren’t the only way to make payments online.
It seems like every few years a new tech company rolls out their own digitalÂ wallet. We’re talking about services like Apple Pay, Google Wallet, PayPal, Venmo, and Cash App that allow you to link one or more payment sources to a single app account. In person, mobile wallets (a type of digital wallet that lives on your phone) allow you to make near field communication (NFC) purchases at terminals that allow tap-to-pay. In most cases, mobile wallets directly debit a linked credit or debit card while other digital wallets tend to store a balance, which can be used to make payments or be deposited into a bank account.
Many of these services can be used to make payments online as well. If your payment gateway doesn’t support mobile payments out of the box, it probably won’t be that big a deal since the customer can still just pay with the card attached to their mobile wallet. But if you want to go ahead and support mobile payments, you may have to add some code to your store.
The other type of payment you may want to think about isn’t cutting edge. In fact, it’s been around since the 70s: the automated clearing house (ACH). ACH transactions cut out the credit card company middleman and instead establish direct transfers between bank accounts. ACH payments can be one-time transactions, but if you’re using them in a retail context, you’re probably more interested in using them for recurring payments.
ACH is a bit more laborious to use at the point of sale than credit/debit cards, but it is a much less expensive way to process transactions and less prone to fraud and chargebacks. Most payment processors don’t offer ACH support by default, but a number do offer it as an add-on. Failing that, you may need a supplemental service.
Do You Want To Sell Globally? Prepare To Pay More
The internet is a miracle of the modern age, connecting people together and granting you easy access to markets abroad! Right?
While it’s true that you canÂ theoretically sell anywhere in the world, it introduces some additional complexities. For starters, there’s the matter of different currencies. Someone’s got to turn those euros into dollars! Some service providers, like Stripe, will handle currency conversions for you. Keep in mind that this service will usually come at a premium; in the case of Stripe, you’re looking at an additional 2% charge on your transaction.
And of course, you might want to convey the price of your goods to customers in their local currency. This feature usually goes hand-in-hand with automatic currency conversion, but you might need to enable this feature if you want to attract global buyers.
You’ll also need to take local taxes, customs, and duties into account, which means familiarizing yourself with foreign concepts like the value-added tax (VAT), which is used in Europe, Canada, South America, and Africa, as well as China and India. Here again, there are services that can take care of most of this complexity for you, but be prepared to pay for the privilege.
4. You Need To Be PCI Compliant
If you’re doing eCommerce, you’re going to be handling people’s money, and that means security concerns. And yes, yet another acronym.
The Payment Card Industry (PCI) has established a set of guidelines called the PCI Data Security Standard (PCI DSS) designed to minimize the risk of data being compromised by bad actors. So far so good, but PCI compliance is complicated by the fact that it’s actually a set of four different standards. The standard that applies to you is based on the number of debit and credit card transactions you process annually. Risk level four is considered the lowest risk, while risk level one is considered the highest. The fewer transactions you process, the lower risk you are unless there’s a data breach, at which point you’ll probably be considered risk level one regardless of your volume.
It gets a bit complicated, but what this means in practical terms for you is that you want to make sure your payment processor is PCI compliant and that you’re following the guidelines laid out by your PCI-compliant payment processor.
Payment Security Is Important
It can be a headache, but payment security will ultimately help protect your business and save you from costly chargebacks and account freezes. EMV chips have helped to reduce in-person credit card fraud, but unfortunately, that means online transactions are the new low-hanging fruit for fraud.
In addition to maintaining PCI compliance, security features like AVS (Address Verification Service) and CVV (Card Verification Value, that short number you’re asked for sometimes) provide extra layers of verification would-be fraudsters have to work through. Programs like Visa’s 3D Secure are also constantly evolving to make the changing payment security landscape.
How To Find An eCommerce Payment Provider
Got all that? eCommerce payment processing has a lot of moving parts that can confound even the tech-savvy. Having a sense of the functionality you need in advance will make it much easier to select a payment processor and gateway that can handle the transactions your business depends on. But you should also keep in mind how much of a budget you have for the monthly services required to keep your eCommerce setup running, what you can expect to pay for payment processing, and whether you’re going to need some technical assistance in building out your system.
If you’re ready to get started, we recommend checking out our list of the best online credit card processors. This will give you the rundown on some of the best options in the industry. If you want to learn a bit more about online payments before you get started, our article How To Choose An eCommerce Merchant Account is another great resource.
The post Everything You Need To Know About eCommerce Payments appeared first on Merchant Maverick.
So you’re looking to take advantage of everything that online commerce has to offer and enter the world of ecommerce? Good for you! Of course, this will require you to be able to accept online credit card payments. To do this, you’ll need an internet merchant account.
Sounds simple enough, right? If only! Not all merchant accounts are created equal. When choosing an internet merchant account for your ecommerce business, you’ll need to understand how a merchant account interacts with the other elements necessary for selling online, like payment gateways, payment processors, and shopping carts (not the kind you push around). Some services combine one or more of these elements, but it’s still important to distinguish these elements from one another.
Confused yet? Don’t worry — we’ll spell it all out for you!
What Is A Merchant Account?
A merchant account is a specific type of business account into which your customers’ money is deposited after they use their credit or debit card to make a purchase from you. After these payments are verified, the money is transferred to your own business bank account, which is entirely separate from your merchant account. You have no control over the merchant account — it is merely the middleman between your customers’ money and your business bank account.
So, why include this middleman at all? Wouldn’t it be easier to simply accept credit and debit card payments directly and get the funds deposited directly into your business bank account?
Unfortunately, credit card processing doesn’t work that way. When your customer pays you, the transaction ultimately still involves two other major parties: the issuing bank (which grants the customer cards and is responsible for collecting any payments from the customer) and the acquiring bank (which requests and then collects payments from the issuing bank and then releases them to the merchant). Because the payment process is so complicated — the acquiring bank has to ask for the funds from the issuing bank, which has to verify that the customer has those funds available and then transfer them — the merchant account essentially functions as a holding space or even as a sort of line of credit.
Merchant Account VS Third-Party Processor
When selecting a service to process your customers’ card payments, you’ll be choosing from between two different categories of services: direct processors (the providers of merchant accounts like the kind described above) and third-party processors (also called aggregators) like PayPal, Stripe, and Square.
Read our Review
Setting up an account with a third-party processor is simpler and less time-consuming than setting up a merchant account. This is because third party processors don’t set you up with your own unique merchant account. Instead, the third-party processor aggregates all of its merchants into one enormous merchant account.
What do these differences mean for you, the merchant? For starters, the merchant accounts offered by direct processors typically provide you with a higher level of account stability. This is due to the extensive underwriting and risk assessment you have to undergo to get your merchant account. With third party processors, you are subjected to very little underwriting beforehand. Therefore, the processor scrutinizes your activities much more intensely, making it more likely that you’ll experience an account hold or termination.
The flip side of this is the cost advantage of third party processors. These services typically feature flat-rate pricing and pay-as-you-go agreements. There are few (if any) monthly or annual fees to pay, and you don’t need to meet a monthly minimum in card transactions, making it easy to start taking credit card payments with no established business history.
With direct processors, you’ll be paying monthly and potentially annual fees, you’ll need to be processing at least $5,000 to $10,000 per month in card transactions, and the pricing is not normally flat-rate — your rates may vary depending on the nature of your business model and your industry. Many merchant accounts still require you to sign a multi-year contract. (That said, many of the best processors in the industry have done away with these 3-year contracts and early termination fees in favor of month-to-month agreements, and we recommend that you not settle for a multi-year contract until you’ve explored all your options.) Still, above that $10,000/month mark, merchant accounts do offer cost savings and as your volume increases you’ll qualify for even more discounts.
For more on third-party processors and how they stack up against traditional merchant accounts, check out these articles:
The Best Online Credit Card Processing Companies
The Truth About Third-Party Payment Processing
What’s A Payment Gateway?
We’ve established what a merchant account is, so let’s move on to payment gateways.
While a merchant account is the account into which your payment processor sends your customers’ payments before they are transferred to your business bank account, a payment gateway connects your online store to your payment processor, facilitating your customers’ online transactions.
Payment gateways enable online transactions like so: the gateway integrates with your ecommerce store to securely capture the payment details for customer transactions. The gateway then routes that information to your payment processor or acquiring bank, which assumes control of the payment process. The gateway will then send an approval or decline message back to the merchant based on whether or not the processor/acquiring bank accepts the payment.
When you use a third-party processor, a payment gateway is typically included in the service. With direct merchant accounts, a gateway service may or may not be included for an additional fee. Some processors do offer gateways as part of their services, at no additional cost. Ultimately you’ll need to check with the processor to find out.
PCI Compliance With Online Merchant Accounts
What is PCI compliance, and how do you achieve it?
PCI compliance refers to a set of safety practices established by a council (the Payment Card Industry, or PCI) sponsored by the major credit card companies to ensure that a consumer’s payment information is secure when making a purchase using a credit or debit card. These standards, which apply to all businesses that accept credit and/or debit cards, are meant to standardize the securing, processing, and transmission of cardholder data.
If your merchant account provider deems you to be PCI non-compliant, you’ll be subject to a PCI non-compliance fee of around $30 per month until your account is compliant. What’s more, if your non-compliance results in a data breach, you can be fined anywhere from $5,000 to $500,000!
You’ve probably gathered by now that it’s a good idea for your business to be PCI compliant. For most small businesses, that means being Level 4 PCI compliant. Level 4 is the PCI standard that applies to businesses up to a certain size — it’s essentially the lowest bar to clear. Larger businesses must comply with higher PCI standards, with Level 1 standards applying to both the largest businesses and businesses that have suffered a data breach.
When choosing a payment processor, you’ll want to make sure your provider offers features such as PCI compliant processing hardware and software, quarterly network vulnerability scans, and assistance with completing and filing a Self-Assessment Questionnaire (SAQ).
Most third-party processors handle the entire process of PCI compliance for you, but with a merchant account, you should be expected at minimum to have to complete the SAQ.
If you’re running a brick-and-mortar business with no ecommerce component, you might think PCI compliance has nothing to do with you. However, if your business accepts credit cards, it almost certainly utilizes the internet to do so at some point in the process, so you’ll still need to be PCI compliant. It’s easier for physical-only businesses to establish PCI compliance than it is for online businesses, though.
Some PCI best practices are no-brainers. For instance, you don’t want to store your customers’ card data on your own hard drive or server, you should never use default passwords, and you’ll need to use a firewall on your network and computers. There’s more to PCI compliance than these obvious measures, however. For a detailed explanation of what PCI compliance means for your business, I highly recommend reading our comprehensive article on the subject, The Quick Guide To PCI Compliance For Small Businesses.
How Much Does An Internet Merchant Account Cost?
When choosing a merchant account, it’s important to know the different pricing models offered by payment processors:
Flat-Rate Pricing: This pricing model has the advantage of being predictable. You’ll pay a fixed rate for each transaction, making it easier to predict your processing costs. While you’ll usually pay more on a per-transaction basis than with other pricing models (and you donât know how much the processor is making off a transaction), you probably won’t have to pay monthly fees or other types of fees charged by processors offering other pricing models. Third-party processors like PayPal, Square, and Stripe use this pricing model. To learn more about flat-rate pricing, check out our flat-rate credit card processing explainer.
Interchange-Plus Pricing: Also known as cost-plus pricing, interchange-plus pricing is the pricing model preferred by Merchant Maverick. Why? Because it’s the most transparent model and it makes rate comparisons between processors easy. With interchange pricing, the processor passes on the interchange fees (fees charged to the merchant’s bank account and paid to the bank that issued the card) and assessments (fees paid directly to Visa or Mastercard etc.) while charging a small markup above that (often a percentage and a flat fee). Check out this article for more on how interchange-plus pricing works and why we prefer it.
Membership Pricing: This is the pricing model used by subscription-based payment processors like Fattmerchant and Payment Depot. Under this pricing model, you’re charged a single monthly subscription fee instead of the assortment of fees other pricing models feature. You’ll also likely pay a flat fee of between $0.08 and $0.15 per transaction as well as interchange fees. Higher-volume businesses can find themselves saving money under this pricing scheme.
Read our Review
Tiered Pricing: Tiered pricing is an older pricing model not commonly used by modern businesses. We don’t recommend it. All transactions are grouped into two or three tiers of transactions, ranging from the lowest-priced transactions to the highest-priced transactions. Essentially, the problem with tiered pricing is that processors can categorize transactions assumed to be in a lower-priced tier as higher-priced transactions, thus charging you more and leaving you little recourse. You should avoid tiered pricing arrangements.
For most small businesses, using a third-party processor with flat-rate pricing like Square or PayPal may be more affordable than using a full-service merchant account. Of course, this entails a much greater risk of having your account frozen or terminated, which is, in itself, a very costly thing to happen to any business.
One thing that affects what your internet merchant account will charge you is the fact that CNP (card not present) transactions, including online purchases, cost more to process than do in-person transactions. This is due to the fact that the chance of chargebacks and fraud is higher with transactions where the card is not present, and this is factored into the cost of processing the payment.
Other fees you may (or may not) have to pay include PCI compliance fees, payment gateway fees, and fees for ACH acceptance if you want to offer customers the ability to pay with their bank accounts in addition to cards. To learn more about the complex and relatively opaque world of internet merchant account pricing, read through our Complete Guide To Credit Card Processing Rates & Fees.
Features To Look For In An Internet Merchant Account
Let’s go through some of the features that may be included in your internet merchant account package.
One benefit of third-party processors like Square is that a payment gateway is included as part of the service so you won’t have to go looking for one yourself. Of course, third party processors have their drawbacks as well, so you’ll be glad to know that some direct processors include a payment gateway in their services as well.
Remember, if you plan to do business online, whether it be through selling goods, offering SaaS, or what have you, you’ll need to be able to accept online credit card payments. To do that, a payment gateway is an absolute requirement.
Multiple Payment Methods
We’ve established that you’ll want to be able to accept credit and debit cards. However, there are other payment methods your customers may want to use, and you want to be able to accommodate them. From mobile wallets like Apple Pay on the web to ACH payments, the more payment methods your payment gateway (and payment processor) supports, the better.
Global Payment Support
With some merchant accounts, you can only accept payments in USD. If you expect to be able to attract any international business, that’s obviously not going to be good enough. Thankfully, many merchant account providers can set you up with a multi-currency ecommerce merchant account so you can expand your global reach. Just be aware that you’ll likely pay currency conversion fees (if they aren’t passed to your customers). PayPal and Stripe do very well in this regard, and Stripe actually supports many localized payment methods across Europe and Asia.
As an added note — some processors offer a feature usually referred to as dynamic currency conversion or localized currency displays. This means that your website will automatically convert the price from USD (or your default currency) to whatever currency is most common in the customer’s region. This can improve the shopping experience for international customers and potentially increase your sales.
Included Shopping Cart (Or Other Software)
An online shopping cart integrates with your website to facilitate ecommerce. The shopping cart enables your customers to look through your available products, select different options for each product (size, color, etc.), select the quantity of the products they want to order, and more.
Most merchant accounts can be integrated with major shopping carts, but if you can find one that includes a good shopping cart already, that’s even better, as you’ll be saving money.
Other handy features to look for include a customer credit card vault that allows you to securely store your customers’ card information while keeping it off your own equipment and subscription tools that let you create and manage customer subscriptions. Stripe is an example of a processor with built-in subscription tools and a card vault. However, you can also opt for a third-party provider to get recurring billing functions.
Processors with integrated developer tools, like Stripe, allow developers to use APIs (application programming interfaces) to integrate the payment platform using a variety of different programming languages. For the business with developer talent, integrated developer tools can help you build custom solutions for your ecommerce outfit.
Good customer service and availability is critical in an internet merchant account. Your ability to do business is reliant on all your systems working correctly 24/7, so reliability and quick response times are crucial. Do some research on merchant account providers to weigh the experiences of other merchants when dealing with any issues that pop up, and make sure that the available support channels jibe with your preferences.
How To Choose The Right Provider For You
That was a lot to take in, wasn’t it? If you’re feeling overwhelmed, don’t worry! Merchant accounts are Merchant Maverick’s original specialty, and we’re here to help you delve into the nitty-gritty of merchant account pricing, features, and provider options.
Here are some links to help you learn more about merchant account options, features, and more:
The Best Online Credit Card Payment Processing Companies
How To Choose An eCommerce Merchant Account
The Complete Guide To Online Credit Card Processing With A Payment Gateway
How To Accept Credit Cards Online
The post The Complete Guide To Finding An Internet Merchant Account appeared first on Merchant Maverick.
Photoshop. Dropbox. Microsoft Office 365. Netflix. These are just a few of the products and services Iâve used in the last few days that require a monthly or annual subscription. There are several others that Iâm paying for as well but havenât used recently. If youâre old enough, you might remember the bad old days of personal computing when software came in big, shiny boxes that held a thick manual (that no one ever read) and a stack of 3.5â disks that youâd have to feed one at a time into your computer just to install the program. A year or so later, the company would come out with a new version, and youâd have to buy it and repeat the installation process all over again — if you wanted the latest and greatest, at least.
Today, many major software applications are available over the internet at the click of a mouse, and they donât come in a box at all. Instead, theyâre offered via a monthly subscription service. For a few dollars a month, you can download the software onto your computer in minutes, and it will update automatically whenever a new version is released. Subscription-based software is very convenient, and it can seem like a real bargain to pay $9.99 per month for an expensive program such as Photoshop rather than shelling out $500 for a stand-alone product.
The subscription-based model of selling products and services has proven so successful that you can now get a subscription to just about anything. Subscription box services such as Birchbox and Loot Crate deliver random trinkets you didnât know you needed every month. Other services, such as Hello Fresh and Blue Apron, solve the âwhat do you want for dinner?â riddle by dropping pre-packaged meal kits right on your doorstep.
If youâre a merchant looking to increase sales and ensure a steady stream of revenue, you might wonder how you can enable multiple, recurring (and automatic!) payments from your customers. Thatâs where recurring billing comes in. This service allows you to set up repeating payments without your customers having to authorize each payment separately or enter their credit card information more than once.
In this article, weâll explain what recurring payments and recurring billing are and give you a rundown of the types of businesses that use them. Weâll explain the advantages and disadvantages of using recurring billing, and weâll show you important features to look for in finding a provider that supports it. Finally, weâll show you how several popular merchant services providers implement recurring billing and how much it will cost you to set up this popular feature.
Each of these companies provides excellent customer service and fair pricing.
See more data
What Is A Recurring Payment?
Recurring payments are quite simple to understand. Instead of making a one-time purchase of goods or services, the customer signs up for a subscription where products or services are delivered on a recurring, prearranged schedule. This schedule could be monthly, weekly, annually, or whatever is appropriate under the circumstances. Monthly subscriptions are the most common, but just about any other period is also possible. For example, Amazonâs Subscribe and Save feature allows customers to reorder common household products on a recurring schedule, with the interval being determined by how often they need to replenish the product in question.
To establish a subscription, the consumer needs to provide a card on file. This is any valid payment method (e.g., credit card, debit card, or bank account number) from which all payments will be made. In establishing a card on file, the consumer agrees to authorize both the initial payment and all subsequent payments as well. Most subscriptions are open-ended, meaning that the consumer will continue to be charged indefinitely until the subscription is either canceled or the submitted card on file is no longer valid.
Because most subscription-based services require online payments, recurring billing features are usually offered as part of a providerâs payment gateway. However, retail merchants can get in on the action too, as long as they use a payment gateway or virtual terminal to process the recurring transactions. For example, almost all of the wineries in the area where I live offer a wine club membership that automatically ships several bottles of wine to participating club members according to a predetermined schedule.
What Kinds Of Businesses Use Recurring Payments?
Weâve already given several common examples of businesses that offer their products or services on a subscription basis, but there are many others as well. Software and cloud backup services use recurring billing almost exclusively, and health clubs wouldnât be able to stay in business without it. Just about any type of business could, in theory, use subscriptions and recurring billing to sell their products or services to the public.
Although most subscriptions are open-ended, recurring billing can also be used to spread a large, single bill over a more extended period. Attorneys and wedding planners, for example, could use recurring billing to allow a customer to spread a single, expensive bill over several months.
Advantages To Recurring Payments
Recurring billing offers several benefits to both consumers and merchants. For the consumer, the convenience of having recurring bills paid automatically is perhaps the primary advantage. Thereâs no need to track when the next bill is due or to have to fill out and mail a paper check on time. The âset it and forget itâ nature of recurring billing ensures that consumers donât have to worry about any interruptions to their services. At the same time, itâs all too easy to keep a subscription going long after youâve stopped using it. Gym memberships are (ahem) the most obvious example of this situation.
Recurring billing also saves time for merchants, as thereâs no need to generate and send out multiple invoices whenever a subscription payment is due. Transactions are processed automatically, requiring no action on the part of the merchant unless thereâs a problem (expired credit cards are the most common reason for a recurring authorization to fail). Subscriptions also provide a steady, predictable source of income over time. Naturally, theyâre not 100% foolproof. Youâll have to offer top-notch products or services at a fair price all the time to avoid a surge in subscription cancellations.
Disadvantages To Recurring Payments
The advantages of recurring payments generally outweigh the disadvantages, but there are a few downsides that you should be aware of in using them. Payment security, while always extremely important, is even more critical when youâre accepting multiple payments over time from the same customer. This means protecting your customerâs sensitive payment data and protecting yourself from fraud. Your provider can help you implement a strong PCI compliance program that will safeguard your customerâs data according to established industry standards. Many providers also offer fraud detection and prevention measures that can protect you from unscrupulous consumers. The impact of someone submitting a fraudulent payment method will be much higher with multiple, recurring transactions than for a single, one-time purchase.
Storing card-on-file information requires additional work on your part, but most providers offering support for recurring billing include features to automate this process. Nonetheless, you will have more paperwork to deal with if you use recurring billing.
Another minor disadvantage of recurring payments is that it can be more difficult to correct a billing error. If a customer is charged in error, youâll have to issue a refund. For this reason, we recommend that you use a recurring billing service that allows customers to change their payment information or cancel a subscription directly from your website. Otherwise, youâll have to make these changes yourself before the next automatic payment is processed.
How To Choose Recurring Billing Software
These days, just about every merchant services provider on the market offers support for recurring billing, usually as a feature of their payment gateway. However, not every business needs it, so in most cases, itâs an optional add-on to the companyâs basic payment gateway. Optional add-ons are rarely free, so you can expect to pay extra to enable recurring billing as part of your account. Each provider has a different method of charging you for recurring billing. As weâll see below, you might pay an additional monthly fee, or you might pay a higher processing rate for each recurring transaction. In some cases, you might pay both an extra fee and higher processing rates. If you need recurring billing support, itâs critically important that you understand how your provider charges you for this service. You should compare multiple providers before signing up for an account.
Features To Look For In Recurring Billing Software
Features of recurring billing services vary from one provider to another. While some are bare-bones and only offer the most basic functions, others are more robust and allow you to customize virtually every aspect of your subscription service. Here are the most important features to look for in selecting a recurring billing service:
Billing Intervals:Â Not everyone bills on a once-a-month basis. Your service should provide the ability for you to bill on whatever interval you need.
Support For Metered Billing:Â If your subscription service charges by actual use rather than a flat fee, youâll need the ability to track your customersâ usage and automatically generate a bill from that data.
Support For Free Trials:Â Many businesses offer a free trial period before the customer has to start paying for the service. Your recurring billing service should be able to support providing a free trial period of whatever length you specify. Customers should also be able to opt-out at the end of the free trial period rather than being charged automatically.
Security Features:Â Tokenization and encryption are usually standard features of payment gateways today. Theyâre even more important when you have recurring, automatic transactions.
Customer Information Vault:Â This is another feature that usually comes standard with a payment gateway. It allows you to store your customersâ payment data securely, so they donât have to re-enter it every time they shop on your site. To greatly simplify your PCI compliance requirements, this data should be stored on your providerâs server — not on your computer or your websiteâs server.
Automatic Card Updater:Â This feature automatically pulls updated card information from your customerâs issuing bank when a replacement card is issued, allowing a subscription to continue without interruption. Note that this feature wonât work if your customer switches to a different credit card altogether.
Below, weâll look at how several popular merchant services providers handle recurring billing. Some providers are significantly more affordable than others, so it pays to shop around before settling on one choice.
Read our Review
Square (see our review) offers recurring billing through its Square Invoices add-on service. Like most of Squareâs offerings, recurring billing charges on a pay-as-you-go model — there are no additional monthly fees. However, you will pay higher processing rates for recurring transactions. Recurring credit or debit card transactions are charged 2.9% + $0.30 per transaction, while card-on-file transactions will cost you 3.5% + $0.15 per transaction.
Although the higher processing rates will cost you more, Squareâs lack of monthly fees makes this a very cost-effective alternative for a small or newly-established business. Although itâs very affordable, the recurring billing feature of Square Invoices doesnât have the robust feature set found in some competitors. For example, you currently cannot integrate Squareâs recurring billing feature into an API for in-app recurring billing. However, the company is planning to introduce this feature sometime in the future.
Read our Review
Stripe Payments is a popular ecommerce-only merchant services provider that powers a lot of the webâs most well-known online retailers. Recurring billing support is available through the Stripe Billing feature. Like Square, thereâs no additional monthly fee to use this service. Recurring transactions process at a flat rate of 2.9% + $0.30 per transaction for your first $1 million in sales and then Stripe will begin adding a 0.4% transaction fee as well. Most merchants will find that Stripe is less expensive than Square, especially if you process a lot of card-on-file transactions.
Read our Review
PayPal is another payment services provider (PSP) thatâs very popular with small business owners and ecommerce merchants. The company charges the same flat rate of 2.9% + $0.30 per transaction as Stripe for recurring transactions. However, they also charge a $10 monthly fee to enable recurring billing on your account. To make matters worse, its recurring billing feature is only available if you use either PayPal Payments Pro or the PayPal Virtual Terminal. Both of these features cost an additional $30 per month. In other words, it will cost you $40 per month just to use recurring billing.
Unfortunately, PayPal is by far the most expensive option weâve found for getting access to recurring billing. Unless you have another compelling reason for using either PayPal Payments Pro or the PayPal Virtual Terminal, we canât recommend using them for this purpose.
Dharma Merchant Services
Dharma Merchant Services
Read our Review
If your business needs a full-service merchant account, Dharma Merchant Services (see our review) is one of the best choices available. The company offers competitive interchange-plus pricing, low monthly account fees, and a month-to-month billing system that doesnât lock you into a long-term contract. They also offer recurring billing as an optional feature of their MX Merchant integrated payments system. While the MX Merchant system is included as a standard feature of all Dharmaâs merchant accounts, support for recurring billing is an optional add-on, and it will cost you $10 per month. However, youâll pay the same interchange-plus rates for recurring transactions as you would for one-time purchases. If you process a lot of recurring transactions, the savings on processing rates should more than make up for the additional monthly fee.
Do you need recurring payments for your business? The answer will depend on your business type and how you make your sales. Many retail-only companies will not need recurring billing at all, while online businesses that sell via a subscription model wonât be able to function without it. As weâve seen above, selling products and services via subscriptions is becoming more popular all the time. If you think your business could benefit from using a subscription model, youâll need to add a recurring billing feature to your merchant account to make it happen.
If youâve determined that you need a recurring billing service, youâll want to make sure that it includes all the features you need, without paying an additional premium for them. Features such as the ability to store cards on file, customize your subscription intervals, and support free trials are all things to look for in selecting a recurring billing service.
Because recurring billing support is offered as part of a payment gateway, youâll want to be sure to select a high-quality gateway thatâs a good overall fit for your business. To learn more about payment gateways, and how to choose a good one, check out our article The Complete Guide To Online Credit Card Processing With A Payment Gateway. For more information about specific gateway providers, our article The Top 5 Payment Gateways For Online Credit Card Processing is an excellent resource. Finally, our Payment Gateway Comparison Chart allows you to compare popular gateways side-by-side. Good luck!
When it comes to payment processing, security matters. After all, every time you handle a credit card, your customer is trusting you with their financial information. By now, you have probably come across the term PCI compliance on your monthly processing statements, and you know it’s a data-security related term. A little digging on the internet reveals that PCI compliance is complicated and the subject matter is full of acronyms and industry jargon.
One term often associated with PCI compliance is cardholder data. Even though the term is a small part of the overall PCI compliance scheme, it is a fundamental building block term. Understanding what cardholder data encompasses will help you navigate more smoothly as you learn more about the complicated world of PCI compliance.
Each of these companies provides excellent customer service and fair pricing.
See more data
What Does Cardholder Data Include?
Even from its plain meaning, cardholder data suggests that the data includes information on both the front and the back of a credit or debit card. Formally, cardholder data is defined as:
The primary account number (PAN).
And may include:
Other sensitive authentication data used to authenticate cardholders and/or authorize payment card transactions, including, but not limited to, card validation codes/values, full track data from the magnetic stripe or chip on a card, PINs, and PIN blocks.
Cardholder data, therefore, could include most of the information on the payment card itself, whether plainly visible like the PAN or stored in the magnetic strip or on the chip of the card.
Cardholder Data & Maintaining PCI Compliance
Knowing the definition of cardholder data is one thing, but this knowledge is useless without understanding how cardholder data fits into the overall scheme of PCI compliance.
Basically, cardholder data includes all the information on a credit or debit card thatâs needed to transfer money from one party to another. Unfortunately, where there is money, there are thieves. So, some years ago, the larger credit card companies banded together to form the PCI Security Standards Council. The Councilâs job is to formulate data security rules and best practices so that the storage and transmission of credit and debit card information from the cardholder to the merchant to the banks — and everywhere in between — can be secure.
How Cardholder Data PCI Compliance Rules Affect Merchants
As a small business merchant, not all of the PCI compliance rules apply to you. For the rules that do apply, failure to follow them means getting a fine, usually from your processor. However, note that there are other country- or state-specific data security and privacy laws that might apply to merchants as well. Often, the laws require the holder of the information to take reasonable steps to keep the information safe. Failure to comply with the laws often results in a fine, but sometimes can result in heavier punishments like an injunction. Since the PCI Security Standards Councilâs rules are typically more stringent and detailed, it is easier for a merchant to simply follow the PCI Security Standards Councilâs compliance rules and best practice suggestions. Requirement 3 of the Payment Card Industry’s Data Security Standard (PCI DSS) specifically addresses cardholder data.
Different Rules For Storing Or Not Storing Cardholder Data After A Transaction
There are several ways a merchant could choose to handle cardholder data. As a threshold matter, we assume that you already use PCI compliant card readers, point of sale terminals, and encryption software for transmitting the cardholder data to your processor.
A customer might pay in person, pay over the phone, or pay through a web interface. As long as you do not keep the cardholder data on file (whether stored electronically or even just temporarily scribbled on a piece of paper), then you are in compliance with PCI requirements for cardholder data. If, however, you do wish to keep cardholder data on file so you can, for instance, provide your customers a faster checkout, then there are additional PCI rules and best practices you must follow.
To keep the cardholder data on file, a merchant has two basic choices: keep the cardholder data in a computer system at the business (all the while making sure everything is PCI compliant), or hire a third-party service to keep the data on their server while only keeping a token at the business.
With the former, the merchant must follow additional complex requirements for both hardware and software set out by the PCI Security Standards Council. Typically, this method is only employed by larger businesses that have the money and personnel to maintain the hardware and software. With the latter, it is possible to keep the cardholder data with a third-party service provider that is already PCI compliant. Rather than the cardholder data, you only keep a token that can eventually be matched to the cardholder data. Recently, credit card tokenization has become a more popular choice because a token is not cardholder data so is not subject to the same PCI compliance rules as cardholder data.
Protect Cardholder Data With Tokenization
We have an article explaining the details of tokenization, but, briefly, payment card tokenization is a process that takes the cardholder data and assigns it a random series of numbers and (sometimes) letters called the token. The cardholder data is stored in a highly secure electronic vault using PCI compliant hardware and software. Only the owner of the vault has the ability to match the token with a specific cardholder data.
As a business owner, all you have stored in your system is the token. In order to access the rest of the payment card information, you must send the token to the vault holder to retrieve the actual cardholder data before sending the information onward for further payment processing. If you experience a data breach, then all you have to do is notify your storage company so they can assign new tokens to you. The cardholder data should be secure as long as you quickly find and notify the storage company of the breach.
From a practical standpoint, with tokenization, you wonât have to worry about PCI compliance because you donât have the cardholder data on your premises. All the encryption and data security required to be PCI compliant are farmed out to a third party, leaving you time to concentrate on running your business.
Protecting Cardholder Data Protects Your Business
If you are a merchant who accepts credit or debit cards, then you will be handling cardholder data. If you wish to store this information, both industry rules and public laws require you to handle this information in a highly secure manner and in very specific ways. Failure to protect cardholder data could subject you to fines or even harsher penalties under the law. Not only that, because the law requires you to report data breaches and notify your customers, you would have to fight the bad publicity associated with such a breach, and your business’s reputation will suffer. Protecting cardholder data, therefore, translates directly to protecting your business.
Fortunately, there are payment processors and third-party tokenization providers who can help you simplify PCI compliance and make it easy for you to protect cardholder data with secure, easy-to-use software. Reputable payment processors and tokenization providers are also mindful of their own practices on who can access cardholder data and stand behind their practices.
Whatâs your experience with handling cardholder information? Do you keep the information in-house, or do you take advantage of third party storage services?
If you’re reading this article, chances are that some of your customers have recently asked whether you accept Apple Pay or Google Pay. Your preliminary research has yielded the terms digital wallet and mobile wallet, but while you may have heard of these forms of payment before, you don’t yet know many of the details.
What do these terms mean? Is there a difference?
The short answer is that digital wallet is a broad term covering software that electronically stores credit card numbers, debit card numbers, loyalty card numbers, etc. on your laptop, tablet, phone, or the cloud. A mobile wallet is a type of digital wallet that lives only on your phone and allows you to “tap to pay” in stores, often using NFC technology.
Below is a more detailed explanation of what these wallets are, as well as how they might affect your small business.
What Is A Digital Wallet?
A digital wallet is an electronic method for storing payment information. It is a broad term covering many types of functionalities, and not every wallet offers every type of functionality. Below is a list of major functions typically found in digital wallets.
Store Credit & Debit Card Information: All digital wallets can store credit and debit card information. Some, like Apple Pay, Google Pay, and Samsung Pay, will allow payment directly from the card. Others, like PayPal, draw funds from a stored credit or debit card but pay out through the service itself.
Pay At A Store: Many digital wallets will allow a user to pay for purchases made at a brick-and-mortar location. Apple Pay and Google Pay both allow this type of payment when an NFC-capable point-of-sale terminal is available.
Peer-To-Peer (P2P) Payments: Most digital wallets allow users to transfer funds to one another. Typically, these payments are small amounts used to split a lunch bill, pay a babysitter, or even pay a share of the rent. The Cash app, Venmo, Zelle, Apple Pay, and Google Pay all allow users to transfer money this way.
Online Payments: Digital wallets can be used to pay for online purchases. At checkout, a merchant who takes digital wallet payments will display the appropriate button for the appropriate wallet. PayPal is the most well-known wallet having this type of pay with button, but Apple Pay and Google Pay have similar buttons.
Hold Funds: A digital wallet can store cash in the same way a gift card can hold cash. The funds are held in a cash account, and a user can link a bank account or a credit card to this cash account to cover shortages. Square’s Cash app and PayPal’s Venmo are examples of digital wallets that hold funds, and they even provide their users with physical prepaid cards (Visa for Square and Mastercard for Venmo) so the cash can be used at brick-and-mortar stores.
Hold Coupons & Loyalty Cards: Many digital wallets can hold coupons or loyalty cards so a user can be given the appropriate credit or discount for using a particular card or for shopping at a particular store. Apple Pay, Google Pay, and Samsung pay all hold coupons and loyalty cards.
Store ID: Some digital wallets will allow a user to store IDs. For instance, Apple Pay will allow a college student to store a student ID and use it to access various buildings or even pay from a student account.
Store Transit Tickets: A number of digital wallets allow users to store transit tickets. Users can tap the phone (or a wearable linked to the phone) on a reader to enter subway or bus stations in an increasing number of cities in the US and abroad.
Security: All digital wallets have security features that keep the stored information safe. The information is not only protected by password or biometrics (fingerprint scan, iris scan), but is also encrypted in many ways. Credit card information, for instance, isn’t even kept on the phone. Only a token that represents the information is kept on the phone.
Given that digital wallet is an overarching term that includes all the above features, is there a meaningful difference between a digital wallet and a mobile wallet?
How Is A Mobile Wallet Different From A Digital Wallet?
An easy way to distinguish mobile wallets from mere digital wallets is that mobile wallets let the user make a payment at a storeâs point-of-sale terminal. The payment is usually pulled directly from a credit or debit card rather than from a cash balance kept in the digital wallet.
With a mobile wallet, a user typically pays by tapping on a credit card terminal with a smartphone or a wearable device like a smartwatch or a fitness tracker. The device then transmits the payment information from the phone to the terminal via Near Field Communication (NFC) technology. Other mobile wallets (e.g. Dunkin’ Donuts, Walmart) send payment information through QR codes that a merchant can scan or the user can import through the phone’s camera. A third technology proprietary to Samsung (Magnetic Secure Transmission (MST)) mimics a magnetic swipe and transmits payment information that way.
As a side note, the popularity of NFC technology for payment processing has a lot to do with security. In the US, NFC is favored because it transmits the information only over very short distances. This way, there’s less likelihood that a snooping device can steal the payment information. In comparison, QR codes are less secure because a user can innocently scan a rogue code and be tricked into sending money to the wrong destination.
In this article, we try to draw a distinction between digital wallets and mobile wallets, but, in truth, the nature of these wallets is still in flux. When most people speak of mobile wallets, they tend to only be thinking of Apple Pay, Google Pay, or Samsung Pay. While digital wallets like PayPal and Cash can be loaded onto smartphones as apps, they cannot make NFC-based payments, so they are technically not mobile wallets. (PayPal can be linked to Google Pay and Samsung Pay, so it is still possible to pay at a store with PayPal, but the app itself is not capable of handling NFC payments.) However, Google Pay and Apple pay do let users make P2P payments and send cash, and these features tend to be major functions of pure digital wallets. Google Pay and Apple Pay, therefore, blur the line between digital wallets and mobile wallets.
If the line between digital wallets and mobile wallets is blurry, is there even a reason to draw a distinction between them? For a consumer, the answer is likely “no,” but for a merchant who wishes to take these payments, the difference can be significant.
What Mobile & Digital Wallets Mean For Merchants
For a merchant, there is a subtle but meaningful difference between a mobile wallet and a digital wallet. If you operate an online store or sell through a mobile app, then you can take digital wallet payments, but likely it will take a little work because you must add new code to your web store or your app. If you can’t handle coding yourself, you’ll need to hire a developer to implement these payment options. This is a bit different than some other online payment options that allow you to accept credit cards with minimal setup.
If, however, you operate a brick-and-mortar store where your customers pay through a point-of-sale terminal, then you can probably take mobile wallet payments without doing anything extra. If you have an NFC-enabled terminal, then you are all set to take Apple Pay, Google Pay, or Samsung Pay. If you are still using an older terminal that only takes a magnetic stripe card, then you can still take Samsung Pay because it has that the proprietary MST technology that mimics a magnetic strip card swipe.
Below are some of the additional advantages of taking digital and mobile wallet payments.
Digital and mobile wallets are secure. Digital wallets store payment information on a specialized, super-secure environment called the Secure Element (SE). Apple uses an SE chip embedded in the phone while Google and Samsung use one in the cloud.
When a customer makes a purchase, instead of the real credit card number, only a tokenized number is sent to the merchant. Hereâs a more detailed explanation of credit card tokenization, but for quick reference, a credit card token is just a random number with the same number of digits as a real credit card number. Only the credit card company has a way to match that random number to a customerâs real credit card number. So, if a token is stolen, the credit card company simply issues another token and disallows payment requests made with the stolen token. The real credit card number is kept safe and other purchases made with the real number (or other tokens) can continue.
From a merchantâs standpoint, the explanation above just means that tokenization takes you out of scope for PCI compliance (meaning less work for you) and you won’t be held responsible for fraudulent charges made with a stolen credit card. Thatâs a great reason for taking digital or mobile wallet payments.
Digital and mobile wallets make checking out faster. Whether you operate online only or have a brick-and-mortar store, faster checkout typically translates to more sales.
If you have a webstore or an app that takes in-app purchases, digital wallets often can populate all the payment fields with the push of a button. This means your customer wonât have to dig out a credit card, enter a long series of numbers, triple check to see the number is entered correctly, enter in their email twice, etc. etc. Being able to pay easily and quickly makes a better overall purchasing experience, and that means a better chance of a returning customer.
At a brick-and-mortar store, payment with an NFC enabled phone or wearable also makes checking out faster. Tapping a phone or a smartwatch over a point-of-sale terminal takes a mere second or two. Compare that to digging out a card from a wallet, dipping a card into the reader, waiting for the reader to approve payment, and making sure the customer does not forget to retrieve the card, you can see the time savings right away. Whatâs more, all the customers behind the one making the payment can see their time savings as well. The more happy customers you can move through your checkout, the more sales you can make.
In line with faster checkout, taking digital and mobile wallet payments offer additional conveniences to your customers. These days, most people pay for their purchases with a credit or debit card, and mobile wallets are increasingly being used to store these cards, especially by the young and/or tech-savvy. Millennials and Gen Z’ers transfer cash between friends using mobile wallets without a second thought and never seem to carry actual cash on them.
For these customers, it would be convenient to consolidate spending into one wallet, so they can easily keep track of their cash, credit, and debit spending. Most digital and mobile wallets also allow users to pay faster by approving a purchase using stored information. PayPal has a one-touch feature that allows a customer to instantly approve a payment with stored data. Google Pay allows a user to approve a purchase by just unlocking the phone and hovering the phone over the payment terminal without ever opening the Google Pay app.
Of course, digital and mobile wallet users won’t stop patronizing your store just because they can’t pay with their mobile or digital wallet. But, if you do allow it, they might come back to you more often because you take payments in the way they prefer to pay.
Do You Need To Accept Mobile & Digital Wallet Payments?
You probably do not absolutely need to take digital and mobile wallet payments, but allowing them might bring you more sales. If you have an online store, then you might have to invest some time or money to connect up to the wallet services. However, if you own a brick-and-mortar store, you likely already can take them. In fact, if your customers tend to be tech-savvy and/or young–or you want to attract more such customers–the ability to pay with digital or mobile wallets will offer them the convenience they want and induce them to do more business with you.
Whatever you do, if you decide to take digital and mobile wallet payments, be sure to advertise it properly. You can request signs and stickers from the wallet providers and of course download logos and the appropriate buttons for your webstore. Once this is done, you are on your way to taking digital and mobile wallet payments.
If you already take digital and mobile payments, what has been your experience so far? Have you increased your sales? Have you gotten positive comments from (hopefully pleasantly surprised) customers that you have improved your technology to allow for this new way to pay? Leave us a message in the comments!
The post Digital Wallets VS Mobile Wallets appeared first on Merchant Maverick.