more-arw search

Q&A Forum

Credit Card Processers for a consumer internet site

I am CFO of an internet company that is about to launch its web site and I need to find a credit card processor (merchant bank and gateway) so that we can accept payments by credit card.  The typical transaction size is in the $ 5 to $10 range and it is for digital goods so there should not be an issue of the consumer not receiving what they purchased. Initial monthly sales will be in the $10k range and we project that will be $1M within 12 months time or less. We would like the transaction to take place on our site and have the ability to store the information so that customers can return and not have to re enter their information.

I would like recommendations on

1) Processors
2) What we should do to reduce fraud; I am told that requiring address verification and the CVV number is important
3) Hidden charges I should inquire about
4) Any other advice that would be helpful.

Regards

Joan
 

Answers

Len Green
Title: Performance Improvement Consultant and E..
Company: Haygarth Consulting LLC
LinkedIn Profile
(Performance Improvement Consultant and ERP Strategist, Haygarth Consulting LLC) |

Joan
I don't have direct answers but I can point you to a specialist/expert in this area. Feel free to contact Doug Rodewald, VPat W Capra Consulting Group and put your questions to him. Doug is at drodewaldatwcapra [dot] com or (312) 873-3265.

He and his firm have deep experience with small and large customers in processing card payments in a PCI-compliant way and cost effectively.

Best regards

Len

Michael Scherbourg
Title: CFO
Company: Miklan Manufacturing
(CFO, Miklan Manufacturing) |

Joan, virtually everyone processing CCs these days is PCI compliant. If not, they are almost certainly tied up in fringe or illegal activities b/c no company in their right mind would work with anyone else. That said, have you tried your business bank? All major banks and most big regionals do CC processing, and in my experience they are all within a few cents of one another on pricing. But do get pricing from at least three providers and play them against one another. You will always get better pricing from them by naming who they are bidding against as it's a dog-eat-dog business.

Separate from clearing you may need a CC gateway, like PayPal, Authorize.net and others. Like processors, bid it out. Also, make sure you like their web reporting and check references on how easy they are to work with when it comes to resolving processing issues. You'd be amazed at how many transactions will get hung up in the systems. And with the small size of your transactions, this could become a real cost issue.

Having built customer CC storage at a past company I can say that this is something you can insource or outsource. We insourced it b/c we had a highly customized shopping experience, but you can outsouce it these days to any number of providers. I think this is preferable b/c you can lay off some of your liability this way, but you will have to work within their technical constraints. Make sure your engineering team is in on your discussions with these service providers b/c they will be the ones doing the integration.

To your other questions, the more info you can collect, the more identification points the processor has and thus the lower their risk. People are so used to giving CVV I would recommend baking that in to your forms. Address Verification is a great thing for reducing risk, but it leads to a ton of processing holds. As you can imagine, everyone has different address forms and the processors will rather kill a transaction than accept a "close but not perfect" match. Although depending on the processor you may get them to validate based on zip code rather than specific street address.

Get the full rate card from every processor. The hidden charges, like with all banks, are when things go wrong. Do they charge you extra for incomplete info on a transaction, for error correction, for taking phone calls (do they have phone support?), etc.. They will nickel and dime you to death if you let them. I would recommend building a simple analysis with 1,000 "typical" transactions and a certain number of errors/issues that are fee generating for the processor. Then run that model against every bid you get. Apples to apples.

Mark Webb
Title: CFO
Company: Mindshare Technologies, Inc.
(CFO, Mindshare Technologies, Inc.) |

I agree with what others have said, but if it is helpful, I have used Authorize.net in the past as my gateway and was very happy. Their support was very good if I ever had a problem. Integration into our website and shopping process was pretty easy. I chose my bank (Wells Fargo) as my processor. They were reasonably competitive with others up front, and over time as our volumes grew I got really good rates. I also liked the fact that I already had a good relationships there to get things done. PCI compliance is an issue and especially for you if you are going to store cc info locally. It has been a while since I was in the details of this, and I am not an expert at PCI, but if you can outsource the storage of cc info and still recall the info when your customers return to your site, you might avoid some of the PCI compliance issues you would have to tackle if you store the cc info locally.

I used both address verification and CVV. CVV is easy. Address verification may be worth it as well, but does lead to more valid orders getting placed on hold until you can contact the customer.

My thoughts, hope they help.

Bryan Frey
Title: VP Finance/Corp Controller
Company:
(VP Finance/Corp Controller, ) |

PayFlow from PayPal was not my favorite. I used them in a medium volume online media company and although their system worked fine (not great, but a reasonable amount of issues and errors - you never find perfection in these services), the online reporting was bad. Really bad. Perhaps it's better now and it has been 2 years since i used them, but trying to coax useful info out of their system was just plain frustrating. Also their pricing was not great. Once again, YMMV as they say. Good luck.

Topic Expert
Joan Varrone
Title: CFO
Company: Cloud Cruiser
LinkedIn Profile
(CFO, Cloud Cruiser) |

I really appreciate the advice from you all. I am getting a competetive bid and thanks for the heads up on the problems with address verifications; I will check out the idea of just matching zip codes. Sounds like outsourcing the Credit card data storage is the way to go from a PCI and data security viewpoint.

Best

Joan

Topic Expert
Anand Goel
Title: CEO
Company: Optimized Payments Consulting
(CEO, Optimized Payments Consulting) |

Joan,

CVV and AVS (Address Verification System...inputting customer billing zip code) are good tools for reducing fraudulent transactions.

Other advice would be to get "pass-through" or "cost plus" pricing from any payment processor. Note that many payment processors can also offer you a gateway or online shopping card service so that you don't have to have two different relationships.

I used to work at Elavon, third largest processor in the U.S., and they are a good shop. Feel free to contact Morna Kennedy there and she can provide some online integration options and provide competitive cost plus pricing.

Morna Kennedy

Topic Expert
Randy Miller
Title: Partner
Company: CFO Edge
(Partner, CFO Edge) |

I would recommend Trust Commerce (www.trustcommerce.com). They provide an excellent product. I have known and worked with the founder for over 20 years and he runs the company with integrity.

Gerald Petak
Title: Consulting Controller
Company: Ravix Group
(Consulting Controller, Ravix Group) |

I am a little late to the question, but I concur with most of the responses
1/ PayPal is expensive
2/ Trust Commerce has excellent service
3/ Select your own processor. I have used Trisource and authorize.net. Trisource has very good reporting
4/ I have seen 2.5 to 3% for processing fees, plus a quantity charge at the end of the month. Also, do not accept escrow or cancellation fees. One firm that bid the job wanted to hold back 10% each month for unauthorized transactions.
5/ ask about reporting. You will want to validate deposits with your bank, source of the deposit, AMEX, VISA, MC, Discover, what is uncleared, what are the details for unauthorized claims, currency charges, etc.

Ray Calabrese
Title: Treasurer
Company: Interim Treasurer
(Treasurer, Interim Treasurer) |

I almost went with Trust Commerce, but they didn't have a SAS 70 II at the time. That was a deal killer.

2786 views
Products and Companies

Get Free Membership

By signing up, you will receive emails from Proformative regarding Proformative programs, events, community news and activity. You can withdraw your consent at any time. Contact Us.

Business Exchange

Browse the Business Exchange to find information, resources and peer reviews to help you select the right solution for your business.

Learn more

Contribute to Community

If you’re interested in learning more about contributing to your Proformative community, we have many ways for you to get involved. Please email content@proformative.com to learn more about becoming a speaker or contributing to the blogs/Q&A Forum.