Online payments and donations: benefits of e-commerce

e-Commerce: payment gateways

A payment gateway is a service that captures payment information for certain payment methods (usually credit card details) from customers, donors or supporters when they complete a transaction. It creates a message ab0ut a transaction in a format that a bank or financial institution can process and then approve or decline before completing settlement. Settlement means deducting the transaction value from the card holder’s account and depositing the amount, less fees, into your merchant account.

The benefit of payment gateway services is that they provide secure transfer of the payment information. Some will also include additional features to increase their chances of detecting fraud.

There are two main ways that payment gateways provide their service:

1. When your customer, donor or supporter is ready to pay, your website collects payment information and passes it securely to the payment gateway. This usually requires your website to establish a secure session between your customer, donor or supporter’s computer and the payment gateway via a communications protocol referred to as Secure Sockets Layer (SSL) that protects the payment details from unauthorised viewing. (An SSL connection is indicated on a web page with the prefix https:// instead of http:// and a small padlock icon displayed on your browser.)
   To provide this security, you need to purchase and store an SSL certificate. Your payment gateway service provider can assist with this process. Each SSL certificate has an expiry date and you will need to purchase a new one periodically. Providers of SSL certificates are known as Certification Authorities.
2. When your customer, donor or supporter is ready to pay, your website takes them directly to the payment gateway website for them to enter their payment information. This means that you need not take any responsibility for the security of the payment details. You simply receive a message stating whether the transaction was approved or declined. There is some debate about whether users perceive this as more or less secure than the previous option, but this may depend on whether they place more trust in your website or the payment service.

Usually your payment gateway will encourage you to use one method or the other.

There are many payment gateway service providers in Australia. When you are selecting one, it is important to consider the following.

• The ease of setting it up with your site (the gateway provider will usually provide instructions for your developer to establish the appropriate connections and, when required, SSL certificates).
• The provider’s online service portal, which is where you can log in to see your transactions, make reversals and refunds. The easier it is for you to perform services such as refunds, the easier it is to ensure you meet the expectations you have set with your customer, donor or supporter. But you must protect your access details for the payment gateway’s merchant service extremely carefully so unauthorised people cannot perform refunds.
• Whether the provider supports the bank that holds your merchant account.
• The reputation of the provider.
• The costs—any set up fees and combination of periodic and transaction fees. If you can estimate the number of transactions you expect in a given period you can calculate the total cost and compare between providers.

For a review of some of the online payment options in Australia, see the article Understanding Online Payments and e-Commerce in Australia.

Or for international information, see the article Secure Online Purchasing.