Your eCommerce business sells online. If you don’t accept payments also online, the business is unlikely to prosper. In these days of many online payment options, buyers tend to have their favourite options. Unless you allow them to shop with their favourite payment gateway for eCommerce, you could lose significant volumes of business.
In this post, we look at different aspects of online payments, including how to set up these at your eCommerce website.
How Buyers buy Online?
At eCommerce sites, a buyer:
- Browses an online product catalogue that includes descriptions, pictures, and prices of the products they want
- Selects one or more products and adds these to an online shopping cart
- When the selection is complete, goes to the checkout page and pays for the items in the shopping cart
- And waits for the products to be delivered through a carrier to his or her house
It is the checkout page mentioned above that is our focus in this post. The page can offer Cash on Delivery (COD) option where the buyer pays cash to a carrier when the purchased item is delivered.
In that case, the payment processing involves keeping track of cash due and arranging to collect it against delivery (and sending the collected cash back to the seller).
However, in most cases, online buyers pay by:
- Credit or debit card
- Internet banking
- Payment wallets such as PayPal
- Carrier payments as when you pay using the balance in your phone account
In these cases, a lot of online processing takes place at the back end.
How Sellers get Paid Online?
Online sellers use “payment gateways” to accept and process such payments.
“A payment gateway is a technology used by merchants to accept debit or credit card purchases from customers. The term includes not only the physical card-reading devices found in brick-and-mortar retail stores but also the payment processing portals found in online stores.” – Investopedia.
Payment Gateway in a Traditional Brick and Mortar Store
If you walk into a brick-and-mortar store, you can pay by cash or by your credit card. If credit card is used, it initiates an electronic process involving:
- Swiping the card in a Point of Sale (POS) machine
- Entering your PIN
- Waiting for approval from the bank that issued the card
- Receiving approval or rejection from the bank
- Completing the purchase if bank approval is received
When you swipe the debit or credit card, you are entering a gateway, the electronic payment gateway, where a lot of things happen:
- The details of your card are read by the machine
- Your authority to use the card is verified against the PIN you entered
- If the verification is okay, details of both the card and the transaction are sent to a payment processor used by the merchant’s bank
- The payment processor forwards the details to the card issuing bank
- The card issuing bank checks the validity of the card, availability of funds, and other things, and either approves or rejects the payment request and informs this status to the payment processor
- The payment processor sends the status to the merchant’s bank
- The merchant and customer see the status
- If the status is “approved,” the merchant can activate a “transaction clearing” process
- The clearing process results in the issuing bank transferring the funds kept “in hold” (when they approved the payment) to the merchant’s bank, thus “settling” the payment
The payment gateway attends to all the above tasks over a “secure” network.
Payment Gateway in Ecommerce Context
If the purchase transaction takes place online, there is no swiping machine. Instead:
- The card number and some authentication details (such are card expiry date and a CVV number) are entered on a secure web page of the eCommerce site
- The payment gateway encrypts the data before sending it over the Internet to the payment processor
- Steps similar to those described above happens in the gateway
- The responses are displayed on the secure web page, instead of on the swiping machine screen
- Usually, two-step authentication is also involved with the card issuing bank sending the cardholder a one-time password (OTP), which is then entered into the page to complete the transaction
The goals of the whole process are:
- Check that everything happens between authorized parties
- Privacy of the data is maintained so that it does not fall into the wrong hands
- The data passing through the network is not tampered with by hackers
Setting up for Ecommerce Payment Acceptance
Ecommerce stores have two options for accepting payments online:
- They can go for an in-house payment gateway, which will involve working with a bank offering payment gateway services, and creating a secure checkout page on their site or
- Outsource the complicated processes to third parties by redirecting customers to the secure payment pages of these processors
Let us look at these options in a little more detail.
In-house Payment Acceptance
Ecommerce stores that prefer to accept payments at their own site will:
- Work with a bank that offers online payment processing services
- Create secure checkout pages at their site and
- Link these to the payment gateway using API’s (Application Programming Interfaces) provided by the payment processor
All major banks provide needed services. If you bank with one of these, you can discuss the arrangements with them. Let us now look in some detail at secure web pages.
Secure Web Pages
Payment gateway for the eCommerce website uses the HTTP protocol by default. These are not very secure and hackers can steal the data transmitted over the web by such sites.
On the other hand, HTTPS (with the S standing for Secure) pages encrypt all data before sending them over the Internet. The encrypted data can be decrypted back to the original only by a recipient who has a “key” to do it. Hackers will not be able to make sense of the encrypted jumble passing over the network.
In addition to protecting privacy as above, secure web pages also ensure authentication and data integrity.
- Authentication involves getting a certificate that can be checked at the client end to ensure that you are dealing with the genuine party, and not someone posing as the real party
- Data integrity ensures that the data sent from the origin is not altered along the route to the destination
By making your eCommerce payment acceptance page into an HTTPS page, you can ensure that details, such as credit card, bank account and OTP entered on the page are safe from theft by hackers. The authentication and data integrity features add to the authenticity of the dealings between you and your customer.
Creating an HTTPS page involves:
- Getting a set of private and public keys that are used to encrypt and decrypt data sent by the customer to you
- Getting certificates to help the customer ensure that they are dealing with the authentic you (and not someone posing as you)
- Using Transport Layer Security (TLS) protocol for the client server connection
Working with Third-Party Providers
If you decide to work with third party providers, you can save a lot of trouble. You can simply re-direct customers to the secure payment pages of the third party provider, who will attend to all the complicated processes and transfer the sales proceeds, minus their processing changes, to you.
Some might even allow you to create a payment page that looks like your own page thus enhancing the online shopping experience.
Major third party providers include:
PayPal is an online company providing financial services. It allows you to pay for the items with a secure account. All you need to do is add your bank account, your debit card, and credit card details when you make the payment using PayPal.
Paypal offers 2 types of payment methods for transferring your money internationally and both of them have their own fee structure.
Whenever you send your money directly to another PayPal account, PayPal charges a five percent transaction with a minimum fee of $0.99 and a maximum fee of $4.99.
Stripe is a financial service company. It is an online payment gateway processing for internet businesses. It supports payment processing in more than 135 currencies thereby allowing you to charge the customers in their native currency when receiving your funds.
The Stripe pricing starts at 2% for cards issued in India and 3% for international cards.
Google Pay is an online payment system. It is a digital wallet platform developed by Google and is one of the best ways to send and receive money.
AmazonPay is an online payment processing service and is owned by Amazon. It does not add any fees to your international transactions. Your purchase incurs to no membership fees, no transaction fees, no fee of currency conversion, or any other fees.
Payment Gateway for Ecommerce – Summary
Online payment acceptance must be offered by eCommerce sites if they wish to prosper. This can be done by creating an in-house payment gateway interface at your own site. Alternatively, you can outsource it to specialist providers who will attend to all the complexities involved.