• No results found

A guide for accepting online payments for Hertfordshire emarketplace Providers

N/A
N/A
Protected

Academic year: 2021

Share "A guide for accepting online payments for Hertfordshire emarketplace Providers"

Copied!
8
0
0

Loading.... (view fulltext now)

Full text

(1)

A guide for accepting online payments for

Hertfordshire eMarketplace Providers

(2)

9 June 2012 Commercial in Confidence 2 CONTENTS

Background ... 3

Accepting online payments ... 3

Online payment terminology ... 3

Acquirers ... 3

Internet merchant accounts (IMAs) ... 3

Payment service providers (PSPs) ... 4

Shopping Cart ... 4

Payment Card Industry Data Security Standard compliance (PCI) ... 4

Selecting an Internet Merchant Account (IMA) ... 5

Beware of fraud ... 5

The costs ... 5

PSPs integrated into the Hertfordshire eMarketplace ... 5

Data Protection ... 6

PCI / DSS ... 6

Some scenarios to consider: ... 7

I have never traded online or taken a card:... 7

I can take card payments on the phone but have never traded online – ... 7

I already trade online ... 7

I have a PSP not on the list... 7

(3)

9 June 2012 Commercial in Confidence 3

Background

As a valued provider to Hertfordshire County Council you have been selected to be on the Hertfordshire eMarketplace. This involves being given an eCommerce website that will allow you to sell your services to Hertfordshire citizens and gives you control over the content visible and trading settings that are relevant to you. This is free of charge as long as it is only used for transacting with the Hertfordshire eMarketplace.

Step by step information will be given to guide you through this process but as many of you may be unfamiliar with taking payments online, this document deals specifically with the process of accepting online payments.

Unless you are absolutely clear about merchant Accounts and what you need for the Herts eMarketplace, please make sure you read this document carefully.

Accepting online payments

For many small businesses, accepting payments online offers major benefits. Customers increasingly expect this facility and it can improve your cashflow significantly.

Buyers often use the internet for a speedy service; most sales are paid for with credit and debit cards. To accept cards online, you will have to make special banking arrangements.

Online payments using cards are 'card-not-present' transactions. There are higher risks of fraud with this type of payment and banks require you to operate within a well-defined set of rules and accept a higher level of commercial risk than a conventional swiped card transaction in a shop.

It’s important to understand, there are two components for taking online card payments. The first is an

internet merchant bank account (IMA) and the second is a payment service provider (PSP). An internet

merchant account is not the same as your business bank account.

This guide will help you to understand these requirements and assess the options available for taking advantage of online payments.

Online payment terminology

Debit and credit card payments and their application online involve some key concepts and terminology. Acquirers

An acquirer can be a high street bank or other financial institution that offers credit and debit card accepting/processing services. It acquires the money from the customer, processes the transaction and credits your account.

Internet merchant accounts (IMAs)

To trade online you need a business bank account and a merchant bank account (these are not the same thing).

Obtaining an IMA from an acquirer may be quicker and easier if you already have 'offline'

(4)

9 June 2012 Commercial in Confidence 4 with internet transactions. This process is normally quick, especially if the risk to your business does not change.

To help protect merchants and cardholders from fraud, the card schemes have developed a service that allows cardholders to authenticate themselves when shopping online. MasterCard's is called MasterCard SecureCode and Visa's is Verified by Visa.

Payment service providers (PSPs)

You need a payment gateway (from a payment service provider) to securely accept card payments online.

A PSP will provide you with a 'virtual' till or terminal that collects card details over the internet and passes them to the acquiring bank. To take electronic payments over the web, you will need a PSP.

Your choice of PSP will depend on its cost and compatibility with your chosen e-commerce software solution. Usually the higher your transaction volume the lower the rate you will be charged.

Some acquiring banks offer PSP services as part of their product and there are other less expensive options available.

Shopping Cart

Part of the offering from Hertfordshire County Council is an eCommerce website with an off-the-shelf shopping cart included.

Payment Card Industry Data Security Standard compliance (PCI)

The Payment Card Industry Data Security Standard (PCI DSS) - is a worldwide security standard developed to protect cardholders' personal information. It includes requirements for security management, network architecture, software design, security policies and procedures, and other protection of customer account data. The standard is applicable to any organisation that stores, transmits or processes cardholder information.

The Payment Card Industry (PCI) Security Standard Council encourages businesses to comply with PCI DSS and become certified to help reduce financial risks from data compromises.

All eCommerce websites on the @UK marketplace benefit from their PCI/DSS certification which allows secure payment flows between the buyers’ and the suppliers’ bank accounts

(5)

9 June 2012 Commercial in Confidence 5

Selecting an Internet Merchant Account (IMA)

An internet merchant account (IMA) is a type of account that enables you to accept customers' credit and debit card payments directly online.

Several banks and processors offer IMAs. These are referred to as merchant acquirers or acquiring banks. Even if you already have a merchant account for face-to-face transactions, you will still need one

specifically to accept online payments directly from customers' credit or debit cards.

Card users will visit your internet shop to order your goods or services and make payments, and the funds will usually be in your bank account after three or four working days.

Beware of fraud

Online card payments are classed as 'card-not-present' transactions, because you can't physically check the card or the cardholder. If a transaction proves to be fraudulent, the money will be reclaimed from your bank account - this is known as a chargeback. Even if a card-not-present transaction is authorised by the cardholder's bank, this doesn't necessarily guarantee payment.

To help guard against fraud, where a cardholder claims that they did not authorise a payment, check to see if your online payment card processor can offer the card scheme's authentication service -

MasterCard SecureCode and Verified by Visa. The costs

Acquiring banks will charge for their services. There may be a sign-up fee, and day-to-day charges may be a fixed fee in the case of debit card transactions or a percentage of each transaction for credit cards.

In addition, where you are using a payment service provider, they will charge you for their service. Online payments are processed by acquiring banks. Currently, businesses can open an internet merchant account (IMA) with the following acquiring banks to receive payments from credit and debit cards:

• Check the type and length of contract

• Requirement to be able to process pre authorisation payments (deferred)

PSPs integrated into the Hertfordshire eMarketplace

The PSP’s below can be used for the Hertfordshire eMarketplace. If you already have a merchant account it is possible that you will not need a new one, but you will need to ensure it is compatible with one of the following:

• Sagepay

• Realex Global Iris • Barclays ePDQ

Please note that different merchant account and PSP providers have different charges, length of contract (for example for some the contract may be for 24 months, others may offer a 3 month cancellation).

We have also provided you with a document which provides details on how to set up a merchant account with Sagepay, which traditionally offers a 3 month cancellation.

(6)

9 June 2012 Commercial in Confidence 6

However please note that you are free to choose any merchant account provider that is compatible with the PSP’s listed above AND the cancellation period specified is only guidance and you should check this with whichever provider you choose as offers can change over time.

Data Protection

@UK is registered under the Data Protection Act 1998 and is committed to upholding the principals and obligations of information handling.

PCI / DSS

Your merchant account provider and payment service provider will need to know that your website allows secure payment flows. You can let them know that all eCommerce websites on the @UK marketplace benefit from PCI/DSS certification.

(7)

9 June 2012 Commercial in Confidence 7

Some scenarios to consider:

I have never traded online or taken a card:

You should apply directly for an Internet Merchant Account and discuss your requirements with the acquiring bank. You will need to make sure that you include a PSP in whatever solution you decide to implement.

I can take card payments on the phone but have never traded online – Your business already accepts debit and credit card payments for face-to-face transactions.

You should apply directly for an IMA and discuss your requirements , including whether their solution includes a PSP, with the acquiring bank.

I already trade online

Firstly, you need to establish whether your existing Payment Service Provider (PSP) can be set up in pre-authorisation mode because this is a requirement of the Hertfordshire eMarketplace.

You will then need to let your existing (PSP) know where payments will be coming from. You can do this by logging into your PSP online portal and adding @UK’s IP address 080.064.053.015 and subnet mask 255.255.255.000. Typically, you will find this on the Technical tab once you have logged into your PSP website.

I have a PSP not on the list

If your PSP is not listed, you will not be able to use this on the @UK marketplace. Please talk to your IMA provider to confirm whether you can use the PSP’s on the list above.

(8)

9 June 2012 Commercial in Confidence 8

Checklist: applying for an internet merchant account

Banks that offer internet merchant accounts (IMAs) for accepting card payments have strict

requirements. When you apply for an IMA, the bank will want to know certain details about you and your business. You may need to:

Outline your business plan - including details of your cashflow and how you'll promote your online activities

• supply your website address

• explain the details of your product or service

• describe how you will deliver your product or service • set out your terms and conditions for online trading

• work out your expected average online transaction values, your estimated turnover from online sales and your predicted number of credit and debit card transactions

• provide details of the secure server you'll use (this is @UK’s secure server)supply your bank details and provide authority to the bank to carry out a check with credit reference agencies • detail your trading history

References

Related documents

While credit and debit card payments remain a relevant and viable payment option for the established online channel, merchants who choose to offer only card payments for the sake

While credit and debit card payments remain a relevant and viable payment option for the established online channel, merchants who choose to offer only card payments for the sake

Chase Mobile Checkout allows businesses to accept credit and debit card payments on a smartphone.. You can now accept payments through your storefront, online or on the go,

The interchange rate charged depends upon a number of factors including the network being used, the card type (i.e., credit vs. debit, rewards card vs. standard card, etc.), how

Whether you have a current merchant account or are procuring a brand new merchant account, to process credit card payments over the Internet (as opposed to a card swiper), you

A Merchant account makes it possible for a business to accept a credit card or debit card as a form of payment.. All transactions made with a debit or credit card involve the

• Convenient way to straighten and clean condenser and evaporator fins • Each nylon head slides into the master handle and tightens in place • Heads are designed to fit units

American call option which grants the owner the right to buy an underlying asset for a given strike price on or before the expiration date, and American put option which grants