Home – New › Forums › Selling online › Accept Credit Cards Online – Charge Manually Offline
- This topic is empty.
-
AuthorPosts
-
February 3, 2013 at 12:28 pm #981665Up::0
Hi All,
I am wondering if there is a system that allows me to accept credit cards from my ecommerce site and then I charge them in to my virtual pos merchant account I have with my bank.
PCI is a bit of a concern, I have been reading up on that lately. I can’t capture the credit card details any longer on my site. It is a big no no.
I don’t really want to fork out a fortune for a payment processing gateway like eway and I don’t like the idea of charges happening online straight away without me knowing.
Is there any method anyone knows of or do I have to start to use a online payment processing gateway like eway?
Thanks in advance for any advice.
Billy
February 3, 2013 at 10:44 pm #1132007Up::0Billy744, post: 149914 wrote:Hi All,I am wondering if there is a system that allows me to accept credit cards from my ecommerce site and then I charge them in to my virtual pos merchant account I have with my bank.
PCI is a bit of a concern, I have been reading up on that lately. I can’t capture the credit card details any longer on my site. It is a big no no.
I don’t really want to fork out a fortune for a payment processing gateway like eway and I don’t like the idea of charges happening online straight away without me knowing.
Is there any method anyone knows of or do I have to start to use a online payment processing gateway like eway?
Thanks in advance for any advice.
Billy
Hello Billy you really have limited options unless you use a payment gateway. If you collect card information on your site you must be PCI compliant. That is true if you use a payment gateway or not. When you use a payment gateway there are different option regarding the entry of card data. If the card data is entered on a page on your website then you will need to have an SSL certificate and be PCI compliant. The alternative is to use a page hosted by the gateway provider they generally have that capability you just have to ask.
eWAY have a method called stored payments where the payment is not immediately processed but the card data is taken and verified then later you go into the eWAY admin system and approve and process the payment.
The main gateways are:
eWAY
SecurePay
Payment ExpressThere are lots of others but I think for a small business these are a safe choice and their rates are similar.
They have value added services like anti-fraud that can help you save money on charge-backs.
They will charge you from 25c – 50c per transaction and you still pay the merchant % fee to the bank.
There will potentially be setup and annual fees but ask and see what kind of a deal you can get. Always pays to negotiate.
John
February 3, 2013 at 11:55 pm #1132008Up::0Hi Billy,
You could use a hosted payment gateway such as PayPal – what happens then is they take the credit card details and process the payment, it doesn’t happen on your site.
You can then link that to your bank account and transfer from PayPal to your account when you need.
If you need to manually take CC’s, you can run them through PayPal yourself on behalf of your customer.
Of course PayPal takes a cut, but everyone does!
Hope that helps.
Brendan
February 4, 2013 at 12:38 am #1132009Up::0Hi Billy
I have also used Paypal in the past, not only with my online shopping cart but also when people rang up with orders I used to just process them through my site, and put their CC into paypal. The buyer does not need a paypal account. And using paypal is so much cheaper as there is no monthly fees.
February 4, 2013 at 2:00 am #1132010Up::0Hi Billy,
we also found Paypal the cheapest and best option. I looked into using a payment gateway a few weeks ago and I found for us sticking with Paypal was the best option. It’s so much more versatile, we can set up our subscriptions and people can pay by CC or direct debit.
February 4, 2013 at 4:19 am #1132011Up::0Hey thanks for all your replies.
This is really frustrating. I already have a cheap virtual pos merchant account with my bank, MOTO approved. I pay 15c per transaction and only 1.2%. I have used it for years and charge customers credit card through that.
I have never had a fraud case because I am the one who decides what I charge so I just delete the order if I can’t validate it myself. It is a great arrangement and I am mad as hell I am not allowed to capture credit card details from my site any longer.
It looks like I will need to give eway and secure pay a call. There goes my savings!!!
Not happy.
But thanks all for replying.
February 4, 2013 at 4:31 am #1132012Up::0Billy744, post: 149970 wrote:Hey thanks for all your replies.This is really frustrating. I already have a cheap virtual pos merchant account with my bank, MOTO approved. I pay 15c per transaction and only 1.2%. I have used it for years and charge customers credit card through that.
I have never had a fraud case because I am the one who decides what I charge so I just delete the order if I can’t validate it myself. It is a great arrangement and I am mad as hell I am not allowed to capture credit card details from my site any longer.
It looks like I will need to give eway and secure pay a call. There goes my savings!!!
Not happy.
But thanks all for replying.
You could offer to take credit card details by phone and/or accept transfers to your bank account.
If you take the card details by phone be careful how you handle and retain the card data. It is essentially a “card not present” transaction so make sure that it is acceptable with your current merchant account. You can also setup a payment method where you send the BSB and Account number for a direct transfer. You then just need to check that you have received the money before sending the goods. If you are uncomfortable sending the account info then setup another business bank account that is only used for that reason. Obviously be careful of transfer fees and setup costs.
Lastly, depending on your price points, you can add a small fee to each transaction to cover the gateway costs when using credit cards. But you have to be careful from a competition viewpoint.
John
February 4, 2013 at 4:46 am #1132013Up::0Billy744, post: 149914 wrote:Hi All,I am wondering if there is a system that allows me to accept credit cards from my ecommerce site and then I charge them in to my virtual pos merchant account I have with my bank.
PCI is a bit of a concern, I have been reading up on that lately. I can’t capture the credit card details any longer on my site. It is a big no no.
I don’t really want to fork out a fortune for a payment processing gateway like eway and I don’t like the idea of charges happening online straight away without me knowing.
Is there any method anyone knows of or do I have to start to use a online payment processing gateway like eway?
Thanks in advance for any advice.
Billy
Hi Billy,
I just came across your message. I am sort of in the same situation as you.
I am currently thinking about e-Path, they are a manual payment gateway. I have made a main message in this forum asking if people are using e-Path and what they think. There might be some e-Path users here (I hope)
Bye
February 4, 2013 at 5:14 am #1132014Up::0Billy744, post: 149970 wrote:Hey thanks for all your replies.This is really frustrating. I already have a cheap virtual pos merchant account with my bank, MOTO approved. I pay 15c per transaction and only 1.2%. I have used it for years and charge customers credit card through that.
I have never had a fraud case because I am the one who decides what I charge so I just delete the order if I can’t validate it myself. It is a great arrangement and I am mad as hell I am not allowed to capture credit card details from my site any longer.
It looks like I will need to give eway and secure pay a call. There goes my savings!!!
Not happy.
But thanks all for replying.
I feel your pain 😡 When I looked into it not so long ago it seems the laws and regulations are so much in favour of the banks making a $$$ and not at all in favour of the small to mid sized business owner. I was trying to get away form Paypal as some clients did not like to use it because of the amount of spam and fraud associated with it but I couldn’t find another solution and stuck with Paypal and for those who do not want to use Paypal I send them my bank details to they can manually send the money across of post a cheque. Of course both those things are bumps and stops in the sales funnel and it really does suck !
February 4, 2013 at 6:53 am #1132015Up::0Trudy_BN, post: 149977 wrote:Hi Billy,I just came across your message. I am sort of in the same situation as you.
I am currently thinking about e-Path, they are a manual payment gateway. I have made a main message in this forum asking if people are using e-Path and what they think. There might be some e-Path users here (I hope)
Bye
This is why I luv the net. Thank you very much Trudy. I had no idea anything like e-path even existed. I have rung them and it sounds good, not expensive either.
Thanks heaps for the tip Trudy. I will let you know how I go if you want, I am not waiting around, need to get something done straight away.
Thanks again.
February 4, 2013 at 10:03 pm #1132016Up::0Billy744, post: 149990 wrote:This is why I luv the net. Thank you very much Trudy. I had no idea anything like e-path even existed. I have rung them and it sounds good, not expensive either.Thanks heaps for the tip Trudy. I will let you know how I go if you want, I am not waiting around, need to get something done straight away.
Thanks again.
Really do you homework Billy. The only commentary that I can find about e-path is this old post on Whirlpool which for some reason was restarted July 2012 which is unusual.
e-path is a manual credit card process that requires you to access e-path, see or print the card details and then process those details manually via a eftpos or bank internet card system.
One of the reasons that you use a payment gateway is that you don’t see the consumer card data in full and the process is automated so that you don’t manually intervene and reenter the card data into another system. PCI DSS applies to both online and offline card processing so if you are going to print and store the card data offline make sure you do it correctly.
I am not saying that e-path may not be the right solution for you but assess where your business is headed and think about how much time it takes you processing payments.
Good luck
John
February 5, 2013 at 4:06 am #1132017Up::0Hi John,
I found some more info on e-path here: e-path payment gateway user reviewl and e-commerce talk
I hear what you say bout PCI and security but I’ve always believed it is much more secure doing it the way I am doing it.
What I mean is I don’t have to put my merchant account on the internet. I can choose what I charge and don’t charge and after I charge my customer’s credit card I shred the paper so they don’t even exist.
Anyway I have already signed up for e-path so I’ll see how it goes.
February 12, 2013 at 11:41 pm #1132018Up::0It is very important to comply with the PCI standards – they are there to protect cardholders from fraud, and also from the enormous inconvenience of having to replace their cards. We know that fraudsters have been targeting small businesses – as they believe that the security may not be up to scratch and that there may be valuable information lying around on their systems. A security breach like that can hit a business’s reputation very hard.
That’s why we do recommend that small businesses make use of payment gateway providers – it would give you peace of mind that you won’t be risking your customers’ card details, as well as saving you a lot of time and money in ensuring you are PCI compliant. Payment gateways can often help you with fraud detection systems too.
Please check out our free training program: Get Smart About Card Fraud Online. It’s aimed at small businesses to try to protect them from online card fraud.
Regards,
Caroline @ APCAFebruary 13, 2013 at 1:41 am #1132019Up::0Thanks Caroline,
I have got e-Path working now and it seems pretty good. Yeh, they have run through with me what I need to do about handling credit card details compliant to PCI which seems exactly the same as my bank did with me two years ago cause I charge credit cards received over the phone, by my fax machine and in person.
My personal views on this are pretty strong. The problems everyone is facing is because credit card details are stored online in databases. This is where the hackers are steeling tens of millions of credit cards from, this is what is causing the billions of dollars of fraud each year.
But my system (first doing it myself but now with e-Path) gets credit cards off the internet and once I charge the card that credit card number does not exist anywhere. No hacker can steel credit card numbers when they don’t exist.
I happen to think this is the way of the future, manually processing offline, no credit cards stored online or in any database by the gateway, no credit cards stored by me. Nothing exists after processing the charge.
I read there were like 150 million credit cards stolen in the last two years and a lot of those from payment gateways storing them in databases that got hacked. But if every one of those people paid a business who was manually processing them offline none of those credit card details would have existed online or in any database so there would be no 150 million credit cards stolen and presto, the majority of fraud in the world would end.
But there’s too much money invested in online payment processing systems and businesses for there to be any change but if Visa, Master Card etc, want to get serious about ending credit card details being stolen and ending credit card fraud then they need to get everyone doing it manually in my opinion.
This is only my opinion but you can’t argue with the fact a hacker can’t steel something that doesn’t exist. Even e-Path themselves say the same thing. It is the ultimate unbreakable security for credit card details which I believe people are now starting to realise. It is better for me as a business owner cause I can control what I charge and don’t charge in to my own merchant account and it is a lot cheaper too!!
Thanks
Billy
February 14, 2013 at 3:34 am #1132020Up::0Billy744, post: 151208 wrote:I happen to think this is the way of the future, manually processing offline, no credit cards stored online or in any database by the gateway, no credit cards stored by me. Nothing exists after processing the charge.I read there were like 150 million credit cards stolen in the last two years and a lot of those from payment gateways storing them in databases that got hacked. But if every one of those people paid a business who was manually processing them offline none of those credit card details would have existed online or in any database so there would be no 150 million credit cards stolen and presto, the majority of fraud in the world would end.
But there’s too much money invested in online payment processing systems and businesses for there to be any change but if Visa, Master Card etc, want to get serious about ending credit card details being stolen and ending credit card fraud then they need to get everyone doing it manually in my opinion.
This is only my opinion but you can’t argue with the fact a hacker can’t steel something that doesn’t exist. Even e-Path themselves say the same thing. It is the ultimate unbreakable security for credit card details which I believe people are now starting to realise. It is better for me as a business owner cause I can control what I charge and don’t charge in to my own merchant account and it is a lot cheaper too!!
Thanks
Billy
Hi Billy,I think you’re overlooking one quite large thing. You’ve mentioned that you don’t think cards shouldn’t be stored in databases because if the data doesn’t exist it can’t be stolen – how do you think the financial institutions are storing card data? Yeap, they’re using a database. You’ve also mentioned that E-Path are the way of the future because they delete the card data after you process the transaction. That’s all well and good, but imagine you have 20 orders come through and you’re one of 10,000 merchants they have doing the same thing (I’m making up numbers here) That’s 200,000 credit cards that are currently in their database. It doesn’t matter what your E-Path admin area makes you go through to retrieve a number, it matters how and where they store it.
I can’t speak for E-Path, but at eWAY we use storage and encryption that surpasses what the banks are doing. If you’re interested, have a quick look at our Encryption page and have a look at the websites of the companies we use. The provider of our encryption hardware spends $4 billion per year on R&D in to their equipment. This equipment is the kind of stuff that if you even look at them the wrong way they erase encryption/decryption strings, data etc.
There’s one fundamental difference between eWAY and E-Path though. Once you put a card number in to eWAY you cannot ever see it again. We’ll provide you with a unique token ID to charge it if needed through our system but you’ll never have access to that card number again. And we never store the CVN (which is strictly against PCI-DSS requirements)
Make sure you check out our information on our Beagle Alerts system as well. It uses live credit card data to ensure that if any personal information changes or is misused transactions are blocked – it’s very very cool! – http://www.eway.com.au/why-eway/beagle-alerts
Happy to answer any questions you’ve got as well. I can completely understand hesitance to use online systems when there are some bad stories out there. But when you use a system like eWAY and are aware of all the cutting edge stuff we do that hesitance won’t last long. I certainly sleep well at night knowing exactly what to look for in an online merchant before I buy off them!
Maclean
eWAY -
AuthorPosts
- You must be logged in to reply to this topic.
