Internet Merchant Account is a bank account that facilitates credit card transactions over the Internet. Today, a merchant account is an essential tool for every business that accepts credit cards. Having a merchant account for any business will allow accommodating far more customers and offering them better services. It also gives the business credibility and recognition with consumers that you are a legitimate organization.Â
Setting Up Such an Account
Merchant accounts can be established through Merchant Service Providers (MSPs) such as banks or via Independent Service Organizations (ISOs). Banks, though viewed as secure and reliable, are generally more selective when deciding on their clients. ISOs tend to be more flexible and are willing to accept more risk since they are neither monitored nor regulated. However, they charge a premium for accepting the risk associated with the business.Â
A merchant account for online business is similar to a merchant account for mail order business. The risk is associated with the fact that retailers don’t have the physical credit card to scan. ISOs should be avoided until banks show their unwillingness to provide merchant account, because the fees are higher in the beginning, and for the life of the account.
To apply for such an account, there is need to supply the bank with the average order size and the average monthly amount that is expected to be running through the account. Estimation should be done conservatively. Banks may ask to keep a percentage (or even a full month’s estimated order total) in an account to cover fraud.Â
The Requirements
In addition to procuring a merchant account for credit-card acceptances, e-tailers also need an order form on their sites. A certificate is also needed from an organization like VeriSign. The ordering page is then placed on a secure server.Â
Now a payment processing software is required to handle transactions between the merchant and merchant’s bank. In the US and elsewhere, retail merchants typically use payment terminals like OMNIPAK. VeriFone’s vPOS software enables merchants to complete credit card transactions over the Internet. vPOS is “imbedded” in Commerce Software. The cost is $1,000 - 20,000
depending on transaction bandwidth. Options include buying or leasing software on a monthly basis which can average between $20-30.
There are hundreds of companies making payment-processing software, but most banks have a short list of ones that they will work with. The best-known payment-processing packages are Authorize.net, Cybercash, IC Verify, and PC Authorize. Which one is the best depends upon the need. Payment-processing system and bank merchant accounts are often sold as a package by a reseller, who probably can give an honest assessment of which system is the best
suitable.
How It Works?
Once a relationship with a merchant account provider or acquiring financial institution is set up, the institution then deposits daily credit card sales into the merchant’s account after deducting a certain fee amount. Some financial intuitions also conduct merchant services, either in-house or out-sourced to third parties. Such services include customer service, billing, authorization, reporting, and settlement services. Third party companies offering these merchants services include First Data Corp., Global Payment Systems, and Nova Information Systems.
- Consumer enters the payment and shipping information at the merchant’s web site to initiate the purchase process (he can either use an SSL-based browser or Secure CyberCash Wallet). Merchant receives the purchase request and returns a summary of the order including the item selected, price, credit card number, shipping address, and the order number.
- Consumer verifies the information and clicks the “Pay” button to send the packet of information back to merchant.
- Merchant receives the packet of information, strips the order information and forwards the payment information digitally signed and encrypted to the payment-processing server. The merchant can not see the consumer credit cardÂ
information. - Payment-processing server receives the information packet, moves the transaction behind its firewall and off the Internet, unwraps the packet within a hardware-based crypto box (the same ones banks use to handle PINs as they are shipped from an ATM network), reformats the transaction, and forwards it to the merchant’s bank over dedicated lines.
- The merchant’s bank forwards the authorization request to the issuing bank via the card associations or directly to the credit card company. The approval or denial code is sent back to payment-processing server.
- The payment-processing server returns the approval or denial code to the merchant, who passes it on to the
consumer.
The entire process, typically, takes 15-20 seconds, and for transaction using the Wallet, no one but the customer and the banks ever sees the credit card number.
What Kind of Authorization Process Is Required?
E-tailers need to anticipate how many transactions will occur on their sites. There are two types of authorization processing–batching and real-time. Batching, used frequently by smaller merchants, is done by hand offline. Once orders are sent by customers, through phone calls, faxes, or online forms, they are processed manually. This can be accomplished through several methods such as swiping through a terminal or using PC-based authorization and settlement software. Since fraud is a problem online and because small merchants are least able to bear the cost of fraud, they should consider batching payments, taking steps to guard against fraud before assuming they need real-time processing.Â
By contrast, real-time authorization provides credit card purchases to be approved or declined immediately. Some e-tail sites use this method to try to save time and money through automating the process, but many sites, especially smaller ones, do not need real-time authorization and its added expense. The need must be determined along with the customers. If done properly, a customer won’t even know whether their payment is being processed in real-time. As long as a customer is given an order number on the thank you page, they will think their order has been processed. There is every possibility to begin the fraud/credit limit check at that point. Customers are not entitled to the products until they have proven they can pay for them.Â
Merchant account provider charge varying fee. The e-tailer should select the best suited to his needs after considering the potential profits. Common costs include the following:Â
Discount Rates
This is the percentage of bank card sale amounts that the acquiring financial institution charges merchants for transaction settlements. This depends on the average order size that is quoted to the bank. A larger order size will usually result in a smaller discount rate–generally about 2-3 percent.Â
Intercharge Fee
This is the amount that merchant’s acquiring financial institution pays consumer’s issuing financial intuition for every credit card transaction settled. Transaction fee can vary from a low of 25 cents to a high of 70 cents per charge. Discounters selling lots of low-cost products could get killed in transaction fee.Â
Equipment and Installation Cost
These costs include hardware/software, set-up, and programming. If the merchant is purchasing an e-commerce solution from the Web hosting company, he may be able to avoid these costs altogether, or they may be bundled into your hosting fee.Â
Monthly Fee
This includes minimum fee, may cover total charges, statements, and excess usage.Â
Reserve Costs
Some banks hold back a percentage of merchant transactions to cover contested charges. Charge-back fee can also be charged when disputes are settled in favor of credit card holder. Fraud often takes the form of disputed charges, which, in the US, are almost universally settled in favor of the cardholder. This means that in addition to losing the amount of the sale after the product has been shipped the merchant loses the $20-50 that the bank charges in charge-back fee. Also, if the merchant has too many charge-backs, he is at risk of losing his merchant account. Merchants who think they are going to set up shop without a customer service phone number are likely to lose more than the cost savings of not putting up a toll-free numberÂ
(1–800 number). High charge-backs also result in an increased reserveÂ
requirement.Â
Depending on the providers, the fee can differ, and most can be negotiated. E-tailers need to do some research, compare rates and services, apply these to their specific costs, and then take informed decisions. Many merchant account providers offer cost information on their sites.Â
Security Issue
Credit card numbers are more likely to be stolen in a restaurant or over the phone than over the Web. So it is assumed to be safe to pay through the Internet. The majority of people are probably still convinced that using credit cards over the Web is extremely risky. It is very important for the e-tailer to make sure that online sales system is as secure as practical, and to convince the site visitors of this fact.
Most packages support the industry standard Secure Socket Layer (SSL) protocol. The SSL protocol encrypts (or scrambles) every message on the network making it extremely difficult for anyone who intercepts the message to extract the customers’ information.
In order for SSL to work, the software requires that a component called a certificate be issued and installed in the server. The browsers (Netscape and Explorer) will only recognize certificates from a limited set of certification authorities, and in order to get a certificate the merchant has to verify his identity to the certificate issuer. Using SSL, visitors can query the certificate in their browser and get independent assurance of the identity of the certificate holder. All this helps reassure the visitor.
The other security issue is the handling of the credit card information once it is on the server. Here the consumer is advised to look for a hosting company that can provide a firewall to protect the server and also look for an e-commerce solution that encrypts the payment
information on the server for additional protection.
Most banks offer credit card merchant accounts, but only a few are suitable for the Internet merchant at the moment. Some banks will not deal with Web merchants at all. Others may be willing, but are not knowledgeable about the Internet. Going to the web site of any of the major payment-processing software makers, a list of recommended banks can be found.
Banks that can provide such an account must be given the first preference over the
independent service providers.
There are chances of fraud at different levels in the online payment processing and also the sense of insecurity in the consumer’s mind. This can effect the business adversely. It is very important to decide whether or not real-time authorization is required. If the product that is delivered online, for example online content, magazine that requires paid registration, or software that is distributed by download, then it needs immediate authorization, for customers who would like to receive what they have paid for right now. If the merchant is selling something that he sends through the shipment, then real-time authorization is not important.