E-commerce and online shopping continue to grow year on year worldwide, with many brands, retailers, and startups jumping on the bandwagon of selling their products and services online.
Payments for the transactions in these online shops can take place in a variety of methods, yet we still get asked very often by our clients and prospective clients, how do we handle the processing of credit cards and payment information; and is it safe?
Clearly many people and businesses are concerned about the process, the security, potential risks and wish to know about how online payments work.
CLARIFYING ONLINE PAYMENT PROCESSING
E-commerce payments can be done in various ways: credit/cheque/debit card, EFT, loyalty rewards programs, etc…
This article will focus on the processing of credit/cheque/debit card payments, as this method of payment is the most popular, yet could be the riskiest.
HOW DO E-COMMERCE TRANSACTIONS WORK?
When shopping online users place products into their shopping cart (if the website sells products), alternatively they choose to subscribe to a service. Once the user is happy to transact they would “check out”. Checking out is the process of paying for the products in the cart or the service they wish to subscribe to.
In this step users typically enter their personal details, address, etc. They also need to enter their credit/cheque/debit card details in order to pay.
To process the transaction we integrate the E-commerce online shop with a third party payment gateway.
These payment gateways are independent companies that specialise in the processing of credit/cheque/debit card details and have for years invested in security and technology to ensure that these transactions are securely processed.
THERE ARE TWO METHODS IN WHICH WE INTEGRATE WITH PAYMENT GATEWAY
REDIRECT THE USER TO THE PAYMENT GATEWAY WEBSITE INTERFACE
This is called a non-hosted method and works as follows:
Once the user has entered their personal details, they are then requested to make payment. This method redirects the user to the payment gateway’s website. This is a page that would have some of the E-commerce shop’s branding and a form to capture the card details, yet looks fairly different from the E-commerce shop’s entire look and feel.
Once the user has entered their card details successfully, the payment is processed and the user is then redirected back to the E-commerce website, with a confirmation message that the transaction was successful.
This method of integration is fairly simple but the User Experience (UX) is not the greatest as the user is directed away from the E-commerce site and then back again, which may confuse certain users and doesn’t provide a consistent experience.
CAPTURE THE PAYMENT DETAILS AND SECURELY SEND THIS DATA TO THE PAYMENT GATEWAY
The second method is called a hosted method and works as follows:
The E-commerce website will have a form that not only captures the user’s details, address, etc. but also their card details. Once the card details are captured the E-commerce website will encrypt and send this information to the payment gateway securely. This progress happens in the background and the user is kept on the checkout page until a response is received, usually in a few seconds.
Once the data is received, the payment gateway performs a series of checks before validating the card details, this is to ensure that the website is authenticated and that it is able to process card payments.
Once the site is validated, the card details are validated and the payment is processed (or declined). The result of the transaction is then sent back to the website (all behind the scenes) and the user is informed of the result.
This method is more desirable as it provides the user with a consistent User Experience (UX) and reinforces the brand, as the user is kept on the E-commerce website. In order to encrypt and send the card information to the payment gateway the website needs to be hosted on HTTPS (Hypertext Transport Protocol Secure), IE: SSL (Secure Socket Layer) encryption needs to be installed.
PROCESSING OF CARD DETAILS AND SECURITY LIES WITH THE PAYMENT GATEWAY
The E-commerce website never stores any credit card information nor does it perform any processing of transactions. The process described above means that the payment gateways handle everything related to card information and processing the transaction.
With their heightened layers of security and transaction processing checks, we rely on the payment gateways to for all transactional aspects, therefore reducing any risk of transactions being insecurely processed and card details being exposed.
To conclude, processing of online transactions on an E-commerce website are fairly complex and are handled by third-party payment gateways.
These payment gateways specialise in processing online transactions and therefore provide a secure environment in which to do so.
The risk of allowing people to pay online is diminished due to the various verification steps and security layers that these payment gateways provide. Additional measures such as hosting the E-commerce website within an encrypted environment further enhance security.
When businesses consider opening up an online shop, they can rest assured that the process of accepting online payments is handled by the experts and there is minimal risk, yet highly beneficial.
If you are a business, brand or start-up and you want to launch your E-commerce business yet need an experienced and knowledgeable partner, Elemental is the right company for you. We’ve serious about E-commerce and have helped many businesses launch their E-commerce business from concept to fully operational, coupled with online marketing to drive quality traffic to these online webshops, which generate a high volume of sales.