The shift to a global economy has already begun, but that doesn’t mean there aren’t a lot of merchant accounts and service providers still playing catch-up. Even governments are scrambling to adapt to a new economy as evidenced by the EU VAT laws that came into place earlier this year.
There are large discrepancies between service providers when it comes to accepting credit and debit cards on your website. Therefore, it’s worth your time to perform a little research. Some platforms are still adapting while others have mastered that which is supposed to represent eCommerce in 2015 – simple, seamless and user-friendly.
Maybe you’ve recently purchased an Elegant Theme that’s WooCommerce ready and have plans to begin setting up an eCommerce store. If that’s the case, you have probably already run into the issue of selecting and integrating a payment processor. The payment gateway and processor landscape is vast and making the right decision can be a time-consuming process.
It’s not a topic that we typically have to deal with and let’s be honest here, it’s not something that most of us will look forward to learning about. However, it is necessary.
In this article, I’m going to try to make the learning process as straightforward as possible. We’ll cover the basics of payment processors & gateways, plus some of the different ways of integrating the ability to accept payments into your website. To finish off, we’ll take a look at some general guidelines to think about before you make any final decisions.
Do I Need a Payment Processor or Gateway?
The payment processor vs payment gateway question is a common one and it comes with some good news. The line between the two services has become pretty blurred as of late. In the past, there was often a need to select both a processor (merchant account) and a gateway. Now there are many companies that provide access to both. But what’s the difference?
Payment Gateways
Payment gateways represent what is essentially a locked door through which financial transactions take place. The parties involved are your website, your customer, and the company who provides your merchant account. Sometimes the gateway and merchant account can be handled by the same company.
In order to make sure that your customers’ personal information is kept secure, payment gateways are required to be what’s called PCI-DSS compliant. PCI-DSS stands for Payment Card Industry Data Security Standard and represents all of the big players including Visa, MasterCard, Discover, Amex, and JCB.
Anytime you’re dealing with customers’ personal and financial information, it’s important to take the process very seriously, especially with the recent FTC decision demonstrating their ability to go after companies who fail to take customer privacy and security seriously.
Payment Processors
Once your customer decides to make a purchase through your online store you need an intermediary who is responsible for processing the transaction. This is where the payment processor or merchant account comes into play.
Payment processors are responsible for four things:
- Managing the relationship and risk between your business and the credit card companies.
- Managing your customers’ personal and financial data.
- Processing the transaction by debiting the customer and crediting your account.
- Transferring the funds to your bank account.
Traditional payment processors are typically more thorough when it comes to setting up accounts. If you apply for a merchant account, you should expect a lengthy application process that can include questions about your business and the products or services you sell.
All-In-One Providers
This is where the line begins to blur somewhat. Some companies, such as Beanstream, offer payment processing as well as optional payment gateway services, technically making them a full-stack provider. But we also have companies like PayPal and Stripe who also appear to offer payment processing without the need for a merchant account.
It can actually become a little unclear how some providers are structured. For example, Stripe makes the following statement:
“We abstract away the gateway and merchant components of accepting payments online to give you a simple and easy experience”
Essentially what this means for you as the end user is that companies like PayPal and Stripe are acting as the intermediary between your business and the credit card companies. If you appear to be doing something that increases their risk, your account could be locked down until the security issues are resolved.
To be fair, this can happen with any payment processor but as a general rule, full-service providers often have a lower risk tolerance. For the most part, this seems reasonable since applying for an individual merchant account can often involve things like credit and reference checks. The barrier to entry is lower for some full-stack operators.
How to Integrate Your Payment Processor
Exactly how you go about integrating your payment processor into your website will depend partly upon which method you prefer, but also how technically involved you want the process to become. There are three primary options:
- Hosted Payment Page
- Hosted Tokenization
- Full API Integration
For our purposes, we’re going to focus on the first two options simply because they’ll be the most common ones you’ll end up considering. Options 1 & 2 also reduce your PCI-DSS compliance requirements since you’re relying on the payment processor’s servers instead of your own.
Hosted Payment Page
The first option is to use something called a hosted pay page or “HPP”. In most cases, a hosted pay page is one of the easier options to implement, in particular because most of the security requirements are managed by the payment processor. Setting up an eCommerce store using hosted payments is usually a fairly quick and simple process.
When a customer adds items to their cart and decides to check out, the information is passed from your website to the HPP. Because the HPP is hosted on the payment processor’s secure server, the security requirements are borne by the processor (PCI-DSS). It can also eliminate the need for you to purchase an SSL certificate since none of your customers’ confidential information is stored on your server.
PayPal is a good example of a hosted payment page but keep in mind that payment processors also offer HPPs – including the likes of Moneris and Beanstream. And while HPPs are “easier” to set up, you should still expect that the first time through the process will require some extra effort. The documentation provided by many payment processors leaves much to be desired.
The primary downside to this payment solution is the fact that your customer technically leaves your website in order to complete their purchase. Most hosted payment pages offer a feature that will redirect the customer back to your website once their transaction is complete.
Using a hosted pay page for a payment processor like Beanstream or Moneris offers a similar experience to completing a purchase using PayPal. It’s certainly not seamless, but it’s also not exactly foreign to most customers either. In fact, some customers may feel a sense of security knowing that they have been redirected to what is technically a more secure website.
The final issue surrounding HPPs is that they are rarely 100% customizable. You can usually make a small adjustment to the overall appearance of the page, but it’s never perfect. That said, there are always exceptions to the rule and services like Mijireh do a pretty darn good job of integrating with your existing theme.
Hosted Tokenization
Hosted Tokenization offers a middle ground that lies between a hosted payment page and a fully integrated API solution. It allows you increased customization over your customers’ checkout experience without having to deal with full PCI-DSS compliance (it’s handled by your processor).
Payment processors like Moneris, Beanstream, and 2Checkout all offer solutions that limit your compliance requirements while improving your customer experience and conversion ratio.
On the back-end, hosted tokenization can seem like a complicated process but almost everything important happens behind the scenes. Your customer enters their payment details in a secure form, often a popup, which connects directly with your payment gateway. In return, the gateway sends a token (like an encrypted key) that represents your customer’s card number back to your store. At this stage in the process, you can then complete the customer’s transaction and generate a final receipt. Usually, tokens expire within 15 minutes and are worthless to anyone except your eCommerce store.
While not quite as simple as the hosted pay page, hosted tokenization offers a superior and more seamless checkout experience. Take a look at how the hosted-tokenization process looks for 2Checkout.
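The token flow described above, as an added example that is not from the original article or from any processor's SDK: a constructed mock gateway and store showing that the store only ever handles a token, that the token is bound to one merchant, and that it stops working after 15 minutes. `MockGateway`, `Store`, the random-reference token format and the single-use rule are assumptions for illustration; real processors define their own token format and API.

```python
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # the article's "usually 15 minutes"

class MockGateway:
    """Constructed stand-in for a processor's hosted tokenization service."""
    def __init__(self, clock=time.time):
        self._clock = clock
        self._vault = {}  # token -> (merchant_id, card_number, expires_at)

    def tokenize(self, merchant_id, card_number):
        # Reached only by the gateway-hosted form in the customer's browser.
        token = secrets.token_urlsafe(24)  # random reference, holds no card data
        expires_at = self._clock() + TOKEN_TTL_SECONDS
        self._vault[token] = (merchant_id, card_number, expires_at)
        return token

    def charge(self, merchant_id, token, amount_cents):
        # Reached server-to-server by the store, which sends the token only.
        entry = self._vault.get(token)
        if entry is None:
            return {"approved": False, "reason": "unknown_or_used_token"}
        owner, card_number, expires_at = entry
        if owner != merchant_id:  # token is useless to any other merchant
            return {"approved": False, "reason": "wrong_merchant"}
        del self._vault[token]  # assumption: single use, whether spent or expired
        if self._clock() > expires_at:
            return {"approved": False, "reason": "expired_token"}
        return {"approved": True, "amount_cents": amount_cents, "last4": card_number[-4:]}

class Store:
    """The merchant's server: it handles tokens and never a card number."""
    def __init__(self, merchant_id, gateway):
        self.merchant_id, self.gateway = merchant_id, gateway
        self.orders = []  # everything the store persists about payments

    def checkout(self, order_id, token, amount_cents):
        result = self.gateway.charge(self.merchant_id, token, amount_cents)
        self.orders.append({"order_id": order_id, "token": token, **result})
        return result

def run_demo():
    now = [1_700_000_000.0]  # controllable clock so expiry can be shown
    gateway = MockGateway(clock=lambda: now[0])
    shop, other = Store("shop-a", gateway), Store("shop-b", gateway)
    card = "4111111111111111"  # constructed sample: a common test card number
    token = gateway.tokenize("shop-a", card)
    out = {"other_merchant": other.checkout("o-1", token, 500)["reason"],
           "first_use": shop.checkout("o-2", token, 500)["approved"],
           "replay": shop.checkout("o-3", token, 500)["reason"]}
    late = gateway.tokenize("shop-a", card)
    now[0] += TOKEN_TTL_SECONDS + 1  # one second past the token's lifetime
    out["after_expiry"] = shop.checkout("o-4", late, 500)["reason"]
    out["card_in_store_records"] = card in repr(shop.orders + other.orders)
    return out

if __name__ == "__main__":
    print(run_demo())
```

The store's order records end up holding the token and the last four digits only, which is why this integration style narrows what your own server has to protect.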
Website Integration
In almost all cases, you’ll want to rely on third-party options to help you accept payments on your website. Once your merchant account / payment gateway is set up, all you need to do is find a way to actually accept payments.
Luckily, as a WooCommerce user you’ll find dozens of integration options available in the WooCommerce Extensions Catalog. This is by far the best place to start your search.
In case you’re not using WooCommerce, there are still more than a few options available to you. If you’re a service provider who wants to offer customers the ability to make payments online, you can always take a look at using something like NinjaForms and one of their payment gateway add-ons. Alternatively, Gravity Forms also offers several payment integration options including PayPal, Stripe, and Authorize.net.
Choosing Your Gateway & Processor
Now that you’re familiar with some of the common terms, you’ll be more capable of making the right choice when it comes to picking your service providers.
By far one of the most difficult decisions is actually choosing your payment gateway and processor. There are literally so many options that the process can become confusing. Having set up a few of these services, including hosted pay pages, there are some simple guidelines and things that are good to think about before you make your decision. However, this is by no means an exhaustive list:
1. Make sure your payment gateway, processor, and bank are all compatible with one another.
For example, Beanstream can be used as a payment gateway that is compatible with most merchant accounts and banks throughout North America, Europe and soon to be Australia. Not all services will work together and some may even have limited geographical capabilities.
2. Language and currency support might not matter to you, but it sure matters to your customers.
3. Are all the payment methods that you want to accept supported?
A good rule of thumb is to accept at least 3 major credit cards and give strong consideration to accepting debit cards as well.
4. Is the checkout process mobile friendly?
There is no room for negotiation on this feature – if your website isn’t 100% mobile friendly, including the checkout, you’re in trouble.
5. Do you require recurring billing and does your processor support it?
6. Does the payment processor offer great customer support?
If you’ve ever sat on hold for 30 minutes waiting to ask a quick question about the test environment for a hosted pay page, you’ll understand why this is important.
7. Pay attention to how quickly settlement occurs.
It’s great to make a sale on your website, but it’s no fun having to wait 7 days to actually receive the money in your bank account.
8. Is your gateway likely to be trusted by your customers?
If you’re online all the time you’ve likely become comfortable with or recognize many of the different payment gateways. Your customers may not feel the same way, which is why the big names carry some weight.
9. Fees are important to pay attention to, but they aren’t everything.
Instead of looking for the least expensive fees, consider what you’re getting for your fees. They should be competitive but not at the expense of service or vital features.
Wrap Up
If you’ve made the decision to launch an eCommerce store or to add the capability for customers to pay for services on your existing site, you have a lot to think about.
Choosing how to accept payments on your website can be an incredibly confusing and time-consuming process. There are enough options available to keep you researching for days. Sometimes the best approach is to start with a gateway and processor that you are familiar and comfortable doing business with. Making changes in the future is always possible.
If you’re running Elegant Themes and WooCommerce, which payment gateway and processor do you prefer and why? Please share your thoughts in the comments below.
Article thumbnail image by Incomible / shutterstock.com
Great share … I would like to suggest you write one more post on the same topic with some more specific points like some examples of payment gateway services providers with their services, fees, features, etc. It would be very helpful for those who are using any of these payment gateways.
I think Stripe offers a good balance for most websites. The embedded payment form can be styled (within reason) to match your website and customers will think they’re paying on your actual website, but credit card details are actually taken on Stripe’s website so you don’t need to worry about full PCI DSS compliance. I have found it an effective, modern solution to work with compared to more traditional payment methods such as Worldpay and Sagepay which seem very error-prone.
Katie, did you use a third party service to add stripe checkout to your site? I would like to see it in action so please reply with your URL and contact info on the programmer who added it to your site, thanks.
Any suggestions for Indian Payment Gateways? I’m setting up an ecommerce store using Divi and WooCommerce.
I’m a tad confused on where Stripe falls in all this. If I’m using an SSL for my site, and using Stripe, are my customers protected?
Hi Rob,
I think you and they are. We use Stripe with https on our app (SunnyReports) and it seems everything is protected. We don’t store the payment data of our customers and we use Stripe’s recommendations written here: https://stripe.com/help/security/requirements
So the PCI compliance seems ok for us.
Always do your own research and due diligence when choosing a payment provider. There are so many horror stories about PayPal and the Digital River group of companies, and from personal experience, I cannot recommend either. 2Checkout also has some questionable practices.
Be aware that PayPal is not supported in all countries, and there are always people who have been locked out of their accounts for various reasons, so you could be missing out on sales if you don’t offer other options.
Hi,
Is anyone aware about the new EU regulation regarding collecting the VAT when selling to EU customers, and what tools/platforms could help implementing it?
Thanks in advance
Hey Sebastian
Taxamo is a service that you can get to sort out any digital sales to the EU https://www.taxamo.com. If you have a shopping cart with WooCommerce, the VAT is automatically calculated by GeoLocation i.e. IVA for Spain, TVA for France and so on. You do have to set up all the VAT rates before that happens but it is not that difficult.
Jan
Hi Jan, is it correctly understood that you can either leave it to your chosen PSP to handle VAT with Taxamo or you integrate it yourself to e.g. Woo?
Just wondering about the best approach. Thanks.
Jens
I have used Mijireh on a client’s website and it works great. It is only $49 a year for unlimited transactions. There is a FREE WooCommerce Mijireh plugin so it works well with Divi and WooCommerce. You can pick from over 85 different payment gateways. And using the page slurp feature is really nice to keep your checkout looking like your actual site.
PayPal is a great way to start. I’m actually going to be moving to Braintree to give that a go.
Thanks, helpful info. Quick Question:
If you don’t need a security certificate for a hosted payment page, would you say that running the eCommerce site on shared hosting is also ok or would you advise a dedicated ip or other secure hosting option?
For E-Business in Germany, a number of additional rules might apply.
After searching for lawyers, software add-ons and stuff, I decided to use a service called digistore24 for selling digital goods and services. It takes all the hassle away from your shop ideas. They want about 7% provision. Sounds much, but you don’t even have to have a PayPal account and you can use all the payment methods popular in Germany, including Überweisung, EC-Karte and Sofortüberweisung. I recommend it, because I use it on http://werde-schauspieler, http://easy-onboarding and on my website http://actxcellence.de
I am a customer there and they offer a provision. This is my promo-link:
http://www.actxcellence.de/digistore24
It works in WordPress pretty well together with the digimember plugin. It is very stable and offers also free version for one product with a small group of users.
This is also a promo-link: http://www.actxcellence.de/digimember
I think it is fair to say “promo-link” and I would not recommend it if I had not had such a good experience with them. Also with the support.
You can ask me for further details here or contact me on my site.
Guido
Hello Guido! I am trying to use Digistore24 and Digimember for my product launch and it is a nightmare! They sell it as a 1-click solution… it would be if it would do what they promise… but it’s just pure crap… it is 100% unstable… sometimes it works but most often it doesn’t! By coincidence it always works when the support is looking at it and one day later it’s not working anymore! I had that now 3 times in a row… without changing anything on the API or the configurations! And Support from both Plugin and Payment Provider are far away from helpful… they try to do the least possible… First email is always a bullshit email with check settings etc… I mentioned in the mails that the settings are 100% correct and according to their instructions it should work… but it doesn’t… access mails go out with 4 or 5 hours delay or even never… DIGIMEMBER AND DIGISTORE24 together is the PURE NIGHTMARE…
just add .de to the links if they do not work:
http://werde-schauspieler.de, http://easy-onboarding.de
Paypal as a payment method integrates well in any platform.
I use PayPal advanced and paypal express plug-ins from woothemes. They worked well out of the box and even better when u added my own custom php. I had an issue with the sku not being sent to paypal but was able to solve it. Reply below if you are having similar problems and I’ll give u the edit.
Thanks for recommending some sites I never heard of. I personally use http://www.WePay.com combined with Woo-Commerce. It’s always good to know what is out there. Thanks again!