I just recently had very good luck with http://paysimple.com/
They acted as the "friend" wheb applying to the bank who has been there and done it before. They took a look at my website before submitting it and warned me that banks would not go for an annual subscription - keep it monthly among a couple other pitfalls.
That was pretty interesting, but left me wondering, if you're selling web services, why would one get a merchant account, versus signing up with Amazon Simple Pay or Google Checkout or Paypal? It seems like there, all you need is a bank account to dump funds into, and a little button on your site to send people to give their CC details to A/G/P.
I haven't processed CCs before, but I'd love to hear people's stories about it.
Paypal, Google Checkout, ASP aren't really professional enough. You can offer them as options, but you need to have a legit merchant service to gain user confidence.
I would like to hear more on this. Amazon and PayPal have similar published fee structures for low volume accounts. Over half the things I buy online use one of the big 3 or 4 "gateways". My feeling is that by buying through them I am getting more protection. I certainly like the fact that my credit card info isn't sitting around on many small mom and pop biz mysql DBs.
Are there any metrics showing my intuition is not correct?
I wouldn't say that it feels like I have more protection. I trust my bank. I bank with USAA and I have never had any problems. I ended up filing an insurance claim on an item my dad bought me, and I'm pleased with how it turned out. So basically, I'm a customer for life.
I have not heard good things about Paypal. There are a lot of stories about people getting ripped off using paypal. And as a seller, it is risky. One scam is to buy something off of Paypal, report it as destroyed, and then ship back worthless material.
So basically, I trust my bank's customer service, and I don't trust Paypal's customer service. So I view Paypal as a potential headache if I have a problem with a purchase. I have generally had good experiences with Amazon, so there is no negative association with that brand, but I don't feel like I really need more protection than my bank gives me.
That's what I'd like most substance on: most buyers don't like PayPal. This is counterintuitive to me as PayPal, et al. is adding an extra layer of assurance to the buyer on top of their credit card.
I am very interested in any metrics that show using a well known branding like PayPal, Amazon, Google, etc.. gets less transactions than having your own Vias/MC gateway.
What does "professional" mean in this context - matching the design of the shopping cart pages to the rest of the site? Some of those are better than others at doing that - my understanding is that Paypal is the easiest to skin and customize.
It's simple: there's an expectation that some amount of due process has been done before granting you a merchant account. It's harder to setup than a Paypal account. Therefore it's more difficult for crooks/irresponsible people to get a merchant account than a Paypal account, therefore you look more professional with a merchant account.
Does that really go through a consumer's head at the point of purchase? Seems more likely that they'd think things like "ugh, not another site where I have to enter my credit card info - I wonder how trustworthy they are?" or if they're using a third party system like paypal, maybe they'd think "oh cool, I don't have to give out any personal info, I can just use my paypal account".
Just something to think about when setting up a payment system - you might want to grow into needing a merchant account system before you deal with the financial and logistical overhead.
" there's an expectation that some amount of due process has been done before granting you a merchant account."
Hmm. That's never occurred to to me when ordering stuff online. I do make a judgment about the reputation of the seller, but the payment method really doesn't figure into that unless it's something off the wall.
I've been trying to obtain a merchant account for a US business I've started. Problem is, I'm a UK citizen, not a US one. Although I've got a US company and bank account, I've found every merchant requires a Social Security number (because of the Patriot act). I'm wondering what to do next - and whether I have to set up a UK company just to do the payment processing!
Have a go with merchantplus.com. They're in the process of getting me one (I am pretty sure it's with Chase Bank); I am in the same position as you (non-US citizen with a US company) and I have already been pre-approved.
We're likely to end up with a worse rate then US citizens would, but it's still better then no merchant account.
The banks I've talked with want the SSN of someone who can qualify for a revolving line of credit equal to your transaction volume. ie, you want to do 30K of money per month, you have to be wealthy enough to swing a $30,000 unsecured bank loan. The "reserve balance" thing is no longer being offered.
The standard is to require a signature (or two) of a guarantor. I don't think they actually check the guarantor's bank account or credit limit though. That said I've only gone to dedicated merchants, and not banks.
PayPal won't support you against chargebacks, and they cost more, but if you want to get set up without the headaches of applying to a bank, they're a great option.
In past I've applied for merchant account through a middle party(there are tonnes across the web) that deals with the bank and authorize.net. It hasn't been a problem.
I wonder what the process is like if you directly go through a bank.
If you don't store CC numbers -- i.e. you use your gateway to store that information -- does it make the merchant account application process any easier?
In my experience, the bank will trust you if you say that you've implemented a secure, PCI-DSS way to store credit card details. They'll also trust you if you say that you store the numbers on the gateway.
The important thing is to convey that you're aware of the issues, and you've dealt with them.
There is a liability issue with storing card numbers on your own servers, which, iirc, is that if you are breached, the numbers are stolen, and you are subsequently investigated and found not to be in compliance with PCI-DSS, you could lose your merchant account.
Yeah, well if you're not compliant with PCI-DSS then I wouldn't have too much sympathy if that occurred! The rules are not onerous or arbitrary, in fact PCI-DSS reads like Chapter 1 of "Information Security for Dummies".
There's a pretty good summary on the wikipedia page but it basically comes down to maintaining competent system/network security, not storing auth data like CVV2 and never displaying full card numbers, restricting access to the card numbers to those who need it and traceably logging it when they do, writing up a "policy" document which consists of stuff like "employees shall not disclose their passwords" etc, and commiting to test (and log that you've tested) the whole setup every month or so. No big deal.
Most of it is kind of obvious. A decent operation is going to doing most or all of that stuff as a matter of course. It's just kind of a checklist really, formalising what you already know to be good practise. Nothing to be afraid of.
..additionally to losing your merchant account, you may also pay heavy fine to visa and mastercard from what I've read
I've been looking at those things lately since I'm working on an ecommerce platform and it will be my server dealing with the my customers (who sell on my platform)' gateway... It's rather complicated..
An easy way around not having to get an SSL certificate and the problems that storing CC data is to apply to someone like Paypal or Moneybookers for their merchant facilities. These are not normal Paypal or Moneybookers gateways but Merchant gateways, they will handle the transactions in a secure iFrame and handle all the security, fraud and data storage issues you would otherwise encounter. Additionally to note the rates will be significantly lower than other payment gateways (unless of course you are able to get hold of a typical bank merchant account)
An SSL cert starts at like $13 a year, if you can't afford that you shouldn't have a merchant account. There's no need to store credit card information on your server, if you really need it the gateways provide the functionality.
If I am interested taking pre-orders on selling an item, but don't want to go through the hoops of a merchant account, what is the other options for accepting payment?
"Do you pay commissions to affiliates? You’re automatically a higher fraud risk." Why is that?
I can understand the reason for the other fraud risks but I don't see why paying commissions to affiliates is a fraud risk....
Because then there is an obvious way to make "clean" money out of stolen credit card numbers via your service.
This is not an insurmountable problem, but it does mark you as a likely target for all sorts of internet fraudsters that would otherwise not be bothered about yet another project management application.
Even with your own merchant account, I would strongly advise against trying to run your own affiliate program (I've tried). There are just a host of legal and tax issues that will consume your time. Many of the largest sites (among them Netflix) still outsource their affiliate programs.
I use cdgcommerce.com. I've tried a few different providers and they have been very helpful in answering my questions and you have the option of using their gateway or authorize.net
I think at least for the initial startup period it would be a good idea to rely on Paypal or some similar service. The hassle of getting a merchant account might in some cases eat up too much of the founder(s)' precious time. Some successful retailers (like this indie game one: http://2dboy.com/games.php) continue rely on Paypal though they have a large user base. I think the best time to get a merchant account would be once the sales start rising above something like 10K/month or so. In that way, you'll (hopefully) have an account before your sales (again hopefully) hits 100K or so.