How to choose
There is a myriad of payment processing options available to e-commerce store owners and the options can often feel confusing.
Factors to consider when choosing a payment processing partner:
- SIGN-UP FEES: Some gateways don’t require a sign-up fee but may not offer all the features you need.
- TRANSACTION FEES: The best-known and trusted gateways generally charge higher fees. Even though fees eat into your profits, you must balance that against the importance of establishing trust with your customers. And the big names provide instant trust.
- COUNTRIES & CURRENCIES SUPPORTED: If you’ll be selling globally then choosing a gateway that can handle other currencies may be an option.
- PRODUCT LIMITATIONS: Certain gateways only allow the sale of physical products, and don’t offer support for digital downloads or services.
- PAYMENT TIMING: Some gateways allow for recurring payments, which can save time if you’re selling services or products on a subscription basis. Others allow payments to be taken on a future date.
- CUSTOMER SUPPORT: Will your customers be happy with email support or would they rather have the option to speak to a real person when things go wrong? Get the level of support you need.
Who to choose
Globally there are probably hundreds of choices of payment processing partners or payment gateway. Some of the more common and popular ones are:
Onsite payment processing generally leads to higher sales conversions, although PayPal offsite payments convert very well for obvious reasons. But if you’re using another payment processing partner, or offering a choice to customers, make sure the partner has an extension available for your e-commerce store that allows for onsite payment processing, so your customers don’t get redirected off to another website, to enter their card details.
SSL stands for Secure Sockets Layer and an SSL certificate is installed on a website server to offer a more secure and encrypted connection between a website and a web browser.In the
In the past, only some transactional or sensitive data websites really bothered with having an SSL certificate, but in late 2014 Google announced that is was going to become a RANKING FACTOR meaning sites that embraced SSL, ideally across the whole site, would benefit from a boost in the SERPs (Search Engine Results Pages).
Then Google announced that from January 2017, it would start to mark any website that has password login areas, or which takes credit card payment on-site, as NON-SECURE within the Chrome browser (by far the most popular web browser on the planet).
At Ukandoo Academy we recommend EVERY WEBSITE SHOULD HAVE AN SSL CERTIFICATE. They can cost anything from around $20 a year to many hundreds depending on the type and provider.
Or you can now get FREE SSL CERTIFICATES from most leading web hosting companies, provided via the https://letsencrypt.org project.
PCI stands for Payment Card Industry, and this industry has a Data Security Standard (DSS) overseen by the PCI Security Standards Council, that oversees international compliance and standards.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.
If your company intends to accept card payments, and store, process and transmit cardholder data, you will need to host your data securely with a PCI compliant hosting provider and ensure that your website is PCI compliant.
If you use onsite payment processing (via either embedded iframe or API methods) where you don’t store customers credit card details yourself, then your PCI compliance requirements won’t be complicated. You can use a PCI DSS Compliance assessment company like Security Metrics to advise you and carry out scans of your e-commerce website.
If you only use offsite payment processing providers (like PayPal) then your PCI compliance requirements will be even easier.
If you use hosted e-commerce solutions like Shopify and use their own payment processing or integrated 3rd party providers like Stripe, then PCI compliance is already taken care of for you.