There’s no doubt that the vast majority of businesses must be able to exploit the eCommerce potential of the Internet in order to stay competitive. A big part of eCommerce involves processing online payment cards. For today’s consumer, the preferred payment method is to use a credit or debit card, and, for that reason, it is essential to start accepting payments as an enterprise client.
The generous implementation of payment methods is usually easier said than done. Online payment processing comes with a number of potential problems that must be addressed.
Having said that, let’s explore some helpful tips that your business should follow when processing payments online.
Be Aware of the PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) sets down an extensive collection of rules that all card-accepting businesses, large and small, must follow. This frequently updated document covers virtually all aspects of payment card processing, from configuring firewalls to storing customer data.
Maintaining full compliance with the PCI DSS will substantially reduce a company’s risk of suffering a data breach.
It’s also mandatory.
The major card brands can and will impose penalties on a company that is found to have flouted these rules. Many common card-processing issues can be traced to a failure to maintain proper PCI compliance.
PCI compliance can seem unreasonably burdensome — the current version of the Data Security Standard (v. 3.2) is 139 pages long. That’s why it’s wise to partner with a card processor that can help manage your payment system and ensure that everything remains compliant.
Be Aware of Turnaround Times
Businesses that accept payment cards don’t receive these funds immediately. A company generally has to wait 24 to 72 hours for the money to be deposited as part of a “batch” that includes other transactions sent at around the same time. This is industry-standard practice, yet many businesses run into operational problems because they fail to account for it.
You need to be aware of the turnaround times for your batch processing and the specific cutoff times that separate batches. If possible, try to arrange for next day funding, which decreases the processing period so you can access funds sooner.
Provide as Many Payment Options as Possible
Online shopping is all about convenience — never before have customers been able to purchase goods and services with so little effort. To complete a transaction, all they need to do is type in a credit card number and a few other pieces of information. Businesses that can provide optimal checkout convenience will have an edge over those that cannot.
One customer-friendly tactic is to accept all four of the major card brands: Visa, MasterCard, American Express (Amex), and Discover. Some businesses, however, refuse to accept Amex because they believe the cost is too high when in reality the cost of accepting Amex cards have lowered significantly in the past few years.
Luckily, most customers can take advantage of a special program that lowers the fees associated with this card brand.
Consider Automated Recurring Billing when Accepting Payments as an Enterprise
If your business offers goods and services that can be purchased on an ongoing basis, you should have a dedicated platform for handling this function. Some businesses, especially smaller ones, rely on PayPal or a similar service for their recurring and invoice billing needs.
However, PayPal may look unprofessional to some customers, and not all customers are willing to accept being directed to a third-party service that they may disapprove of. The best solution is to keep this function under your own roof. Partnering with a trustworthy and secure platform that allows for billing straight from your website or an invoicing page, will help fit the needs of your organization.
Verify All Billing Addresses
Online transactions that involve Visa, MasterCard, etc., are classified as Card Not Present transactions, which means simply that the merchant cannot see the card used for payment. It’s no secret that these transactions are inherently less secure than in-person transactions where the buyer must produce a physical card. The person placing the order may not even have the physical card—sometimes hackers collect CC numbers through various means.
For that reason, it’s a good practice to have some mechanism in place to verify the billing address associated with the payment card. Failure to take such steps can be costly when accepting payments as an Enterprise: A business that accepts a fraudulent online purchase will be 100% responsible for the costs associated with these types of transactions (e.g., chargebacks, loss of product or service, etc).
Be Sure to Deduct Payment Fees
Did you know that expenses associated with payment processing are tax-deductible? For business owners who feel burdened by interchange fees and related costs, this is a simple way to get some relief. Just be sure to keep proper records over the course of the year so you can deduct the full amount when it’s time to do your business taxes.
Provide Multiple Sales Channels
As we have noted, today’s consumer demands ease of use when shopping online. Among other things, they want to have as many options as possible when it’s time to pay for their goods and services. A lot of customers prefer to send their payment information through an encrypted online form, while others appreciate the option to pick up their phone and speak with a live operator.
Some customers make transactions through their laptops, and others use their mobile phones (and tend to favor mobile-friendly websites). You may not be able to provide all these options, but you should look into expanding your sales channels. For instance, you may not be able to staff a 24/7 sales number, but you could possibly have live agents during the day.
Encryption, which is used to conceal data transmitted over the Internet, is very useful in securing eCommerce transactions. In addition, it goes a long way toward ensuring that your eCommerce system remains PCI compliant.
You will want to consider maintaining the strongest possible end-to-end encryption possible into order to secure transmissions through every stage of the process, leaving hackers no opportunity to seize sensitive data such as credit card numbers. Encrypted transmissions can be intercepted, but the data within them is unreadable and, therefore, useless to the hacks.
Remember that internet browsers can be configured to reveal to the user whether a given page is encrypted, and a significant number of customers will turn away without completing the transaction if this security feature is not present.
Store Only Essential Customer Data
To minimize the damage in the event of a data breach, you should store only those types of customer information essential to the functioning of your company. So-called sensitive data must be treated with enormous care. In general, data such as Social Security numbers and credit card information can be retained only as long as necessary to complete an eCommerce transaction.
In the event that sensitive data must be stored for long-term use (e.g., recurring billing), you need to look into tools such as tokenization, which allows you to save such information on a secure off-site server.
Keep IT Department Updated
Maintaining optimal cyber security can seem like running to stand still. You have to keep pace with lightning-fast developments that are very difficult to anticipate and prepare for. Therefore, it is essential that your IT department, whether it’s in-house or outsourced, always uses only state-of-the-art tools and procedures. In far too many cases, data breaches and similar cyber-disasters can be traced to outdated hardware and software.
Educate Employees About Data Security
“Social engineering” scams continue to plague the corporate world. A lot of hackers obtain passwords and other information by simply calling or emailing company personnel and asking for it. Often they pose as another party that would have a legitimate need for such information. It’s a surprisingly effective tactic that occasionally fools even experienced IT pros, and that’s why it’s important to educate personnel about these kinds of scams.
Furthermore, your team should be aware of the need to safeguard sensitive data — there’s no excuse for emailing credit card numbers in plaintext or leaving printouts of Social Security numbers lying around the office.
Choose the Right Credit Card Processor
This may be the most important tip of all, as it aids in the fulfillment of many tips we have listed above and provides a number of other benefits as well.
For keeping your eCommerce services running smoothly, a first-rate credit card processor is invaluable, assisting in the management of all aspects of eCommerce maintenance.
Relying on a trustworthy third-party organization allows your company to dispense with the need for an in-house team to handle these matters and frees up valuable company resources for other tasks.