Those of us who have gone through the pain of applying for an online merchant account know exactly how painful the process can be. The question is, is it worth the hassle? Unfortunately, there is no straight answer. It very much depends on the nature of your business and your growth strategy.
Most small businesses start by accepting PayPal as the only payment method on their website and that in my opinion is a good strategy. PayPal is easy to setup, simple to use, has over 100 million active members globally and a 15% share of the UK ecommerce market. It’s an excellent way to introduce yourself to the peculiarities of the ecommerce payments industry. However, as your business grows you will increasingly feel the need for a merchant account. After all, the card schemes (Visa, MasterCard, American Express etc) have more than 80% of the market share and remain the most preferred method of payment.
The best approach today is to offer your customers both, PayPal and card payments. There are several case studies where this approach has helped improve conversion rates. Even government agencies like Companies House now offer PayPal. The idea is to keep the checkout process as frictionless as possible by giving customers the choice to pay with their preferred payment method.
Accepting Card Payments – Where do I start?
So once you have decided that you wish to accept card payments online and over the phone, what is it exactly that you need to make it happen? There are two key components, a merchant account and a payment gateway. You need both of these. The good news is that many providers can give you both, others specialize in one. For an SME, to keep things simple, I would recommend using a single provider for both. This means one contract to manage and one invoice to pay every month. On the flip side, this does mean a single point of failure but if you choose a reputable provider, there is minimal risk.
Merchant account providers are known as “Acquirers” and payment gateway providers are known as “Payment Service Providers” (PSP). A merchant account is where funds are temporarily held before being paid out to your business bank account. It is a common mistake to confuse a merchant account with a business bank account. They are two very different products. A merchant account, despite the name, is not an actual bank account with debit cards and other banking facilities. It is purely for the collection and transmission of card payments in to your business bank account.
A payment gateway can best be described as a technical solution that acts as a bridge between your website and your merchant account. There are several ways of connecting with the payment gateway and each of these may have different implications for your business. The simplest and safest solution, particularly for an SME, is to use a hosted payment page for online payments and a virtual terminal for phone payments. These integrations shift most of the security risk over to the payment gateway and that’s one less thing for you to worry about. While on the subject of integrations, I would also recommend that you develop a general understanding of PCI Compliance. These are the rules that govern how card data is stored, handled and transmitted by your website and staff.
To help you get started here are some examples of UK and Ireland based providers:
|HSBC Merchant Services||✔||✔|
|BarclayCard Merchant Services||✔||✔|
|First Data Merchant Services||✔|
Note: A few PSPs will resell merchant accounts on behalf of acquirers. In some of these arrangements, you can have a single contract with the PSP for both the payment gateway and acquiring services.
The Application Process – What to Expect?
This first thing you need to know about merchant accounts is that for the account provider, the risk of providing an account is the equivalent of providing your business an unsecured line of credit. This is why the application process is so tedious and you end up having to provide proof of ID, address and past trading history. To understand why these accounts are so high risk for the provider and for you to understand the risk exposure to your business, please refer to the section on chargebacks at the end of this article.
The application process can be generalized in to the below steps (Additional information may be required and the process may vary depending on the provider).
- Qualification: The first time you contact the provider they will usually ask you for some high level information on your business. This is to see if you meet their qualification criteria. An acquirer will always want more information than a PSP. This is because acquirers take the financial risk on your business; the PSP has limited risk exposure outside of their own service charges. Common questions are:
- Description of what your business sells?
- How long have you been trading?
- What is your business turnover? What percentage of it is/will be on cards?
- What is the average transaction value?
- Geographically, where are your customers based?
- What is the percentage split between online payments and phone payments?
- What is the average time between payment and delivery of goods/services?
- If you are a new business, do you have a detailed business plan including forecasts?
- Application: If you meet the provider’s criteria, you will be sent an application form (Note: Some providers combine this with step 1 and use the form to qualify your business). Along with the application, you will usually be required to provide the following documents:
- Proof of ID for one or several directors/shareholders/trustees
- Proof of address for one or several directors/shareholders/trustees. This must not be more than 3 months old.
- Business Accounts (Balance sheet and P&L) for established businesses and a business plan for new businesses. If you accept card payments today, you will need to provide statements from your current provider.
- Your website must include terms and conditions including a refund policy, cancellation policy, delivery timescales and contact details.
- Risk Approval: Once the provider receives your completed application, their risk team will usually review your business and come back to you with an approval or decline. Almost all providers will only give you a generic response if declined. The risk process included comprehensive background checks on the directors, company’s products, reputation and the financial risk your business represents.
- Testing and Integration: Once your account is risk approved, you will then progress to testing. If applying separately to a PSP and acquirer, then testing may be subject to approval by both. The time in testing and complexity depends on your business needs and this is where your experience may vary considerably from one provider to another. This is the last step before you can finally start taking payments.
If you are aware of the above steps and prepared for the process, your initial conversation at step 1 will be significantly more meaningful and you will find that the process will flow relatively quickly.
Cost – The not so easy bit
The cost for acquirers is set by the card schemes (Visa and MasterCard). They set the amount (Interchange Fees) that is to be paid to the card issuer (the customer’s bank) and the amount they collect as their fees (Scheme Fees). The acquirer then adds their margin to it. PSP’s on the other hand, do not pay any fees directly to anyone else and only need to cover their own service costs and margin. The good news is that the total costs are generally very low compared to PayPal.
You should usually expect to pay a percentage rate for credit cards and a fixed pence per transaction rate on debit cards. Steer clear of providers that charge you a percentage rate across all cards, depending on your average transaction value you could end up paying significantly higher fees.
As a general guide for acquiring, a small business with primarily UK based customers should expect to pay anywhere in the region of 1.6% to 2.0% on credit cards and £0.20 to £0.30 on debit cards. For the payment gateway, £0.10 per transaction is a good deal.
The industry in general has moved away from upfront setup fees. Haggle and ask for it to be waived if your provider wants to charge you it. Also negotiate the monthly fixed fee, there are several providers out there offering no monthly fee.
There are many other types of minor fees that you will find in your fee schedules and I guess it goes without saying that you should always read it carefully and ensure you fully understand what each of these fees are and how they will impact your costs.
Chargebacks – Be Prepared
Chargebacks are the single biggest threat to your online business. A chargeback is the customer’s right to demand a payment refund from their bank claiming fraud, non-delivery of goods and goods not as described amongst other reasons. This is then presented to you to challenge and you usually are given 7 days to respond, failing which a decision is made in the customer’s favour. In my experience, I have found the outcome of challenges to be generally biased in the customer’s favour leaving the merchant out of pocket.
If your business gets an excessive number of chargebacks, possibly through no fault of yours, your merchant account can be terminated and you could be added to a list maintained by MasterCard of businesses banned from accepting card payments.
Fortunately, avoiding chargebacks is easy and a few simple steps will protect your business.
- 3D Secure: This is an additional step in the online payment process that requires the customer to enter a secret pin/password as part of the checkout process. This additional layer of security is your biggest defense against fraud. Some of the largest retailers today choose to still not use it citing adverse impact on conversion rates, however for an SME this is more than offset by the fraud losses. You may still get chargebacks claiming fraud even if you have 3D secure enabled, however you will not be asked to surrender funds.
- Fraud Prevention Tools: All PSPs now bundle a fairly sophisticated fraud prevention tool with their solutions. Some may charge you extra for it, others don’t. Whatever the case, you should always choose to use it and actively manage your fraud rules. As an example, if you suddenly see an increase of fraudulent orders from a particular country, create a temporary rule that blocks orders from the country or places them in quarantine for you to review before you ship the goods out. Your PSP will be able to advise you on this and should proactively support you with your fraud management policies.
- Clear Terms and Conditions: This one is the easiest to implement and will help prevent disputes where goods do not meet customer expectations. Ensure you clearly explain delivery timescales, refund policy and cancellation policies to customers. If they are signing up to a recurring subscription, show them a summary of their payment plan. The objective here is to ensure you do everything you can to tell the customer exactly what they are buying. Don’t reinvent the wheel, look at some of the bigger players in your industry, see how their checkout process works and learn from it.
- Customer Service: Make it easy for the customer to contact you. Have a contact us section on your website and try to resolve disputes over the phone.
Lastly, understand that you will still get chargebacks. There will always be some fraudsters that slip through the net, there will always be some customers you cannot make happy. That simply is the cost of doing business.
Opening up online card payments can do wonders for your business. You can start selling to a global customer base. If done right, it is one of the safest payment methods you can use.
Good luck with your business, I wish you success!
Today’s Micro Action
Need a merchant account for your ecommerce store? Then use the advice contained in today’s article to get started.