What is a payment gateway and why do I need one?

Are you ready to grow your business online? Payment gateways are an essential step to maximising your online revenue and reaching more customers. For those who might need a little refresher on what they are and how they work, take a read of the following article outlining some key points and benefits of a payment gateway to online businesses.

What is a payment gateway?

A payment gateway or third-party service creates a connection between your ecommerce platform and your bank in order to take payments from customers online. Payment gateway software securely authorises credit card payments through the deployment of encryption, allowing sensitive information to be passed from customer to merchant to bank and back. As a security standard, businesses must have a payment gateway or third-party service in order to accept payments online.

How does it work?

The payment gateway sends credit card and other private data between parties in a secure manner to ensure all information is protected while a transaction is being processed. To complete this process, the payment gateway completes a range of tasks within about 3 seconds. To demonstrate the process in action, let’s take a look at how it all plays out.

  • Becky has decided to buy a shirt through an online store. Once she’s happy with her choice, she adds the item to a shopping cart and heads to the checkout page.
  • The website will open a secure payment page where she enters her credit card details to place the order.
  • The payment details are transferred securely from the payment page to the payment gateway.
  • The payment gateway will encrypt her credit card information and pass it on to the merchant’s bank to be authorised.
  • The merchant’s bank will decide whether or not the transaction should be approved based on a number of factors (whether Becky has gone over her credit limit, whether the card is legitimate, etc) and passes this information back to the payment gateway.
  • If the transaction is approved, the payment gateway will notify the merchant and the customer that payment has been accepted.
  • If the transaction is denied, a message will appear on Becky’s screen notifying her that the payment was declined, and the transaction has been disregarded.

The benefits of a payment gateway to your business:

Although there are a number of alternative methods available for taking payments online, having a payment gateway provides a range of unique benefits to ecommerce businesses. Some of these key benefits include:

Secure payment processing

Data security should be the number one priority for any business. Payment gateways offer the ability to take protected payments via industry-standard encryption technology. With a reputable payment gateway, customers need not worry about their credit card or personal information being intercepted and used without authority. Payment gateways protect both merchant and customer against identity fraud. 

Accept payments instantaneously

With a process taking less than 3 seconds, payments can be accepted online in real time. This means that customers don’t need to wait when purchasing their goods and merchants don’t need to wait for payments to be received.

Enable international purchases

With the ability to process transactions in multiple currencies, payment gateways allow you to access a global network of online shoppers. The ability to accept any currency means you can expand your potential target audience and create a worldwide network of customers.

Complete transactions around the clock

With a payment gateway connected to your ecommerce store, you’re always open for business. Consumers can access your store and complete a transaction at any time of the day meaning you can make money even while you sleep or travel.

Keep web users on your page

dPayment gateways enable you to take payment from your customer without directing them to a third-party page; the last thing you want to be doing is guiding traffic away from your website. Having a payment gateway allows you to keep your customers right where you want them – on your web page.

Latpay’s Merchant Facilities

Activating a merchant account can be challenging and sometimes even a little stressful. At Latpay, we make the process straight forward and simple to get your business up and running as soon as possible. With long-standing partnerships with a range of acquiring banks who know and trust our platforms, we’re already known for meeting a range of challenges and volume requirements. We also maintain the highest accreditation for industry data security as a PCI Level 1 Service Provider, meaning banks and customers alike are comfortable and confident in doing business through our gateways.

Latpay services have a strong focus on security, reliability, user experience and customer service driven by our Australian-based headquarters and support centre. If you’re ready to start taking more payments online, get in touch with our team on 07 5515 0402 or learn more about our merchant solutions here.

Setting up your eCommerce Business

Are you gearing up to sell your products online? Starting up an ecommerce venture is an incredibly exciting time for any business owner, however you want to make sure you get it right. With very few touch points and just a single checkout method, it’s important to get all the fundamentals right in order to encourage your customers to complete a purchase.

If you’re new to ecommerce or just want a refresh on the fundamentals of starting an ecommerce website, check out our key points for launching your store including a detailed explanation of the most important step – payment processing.

Setting up the basics – Hosting & Domain

When setting up an eCommerce store, one of the very first things you’ll need to do is organise hosting for your website. There are a large number of companies around that offer this service, however some of our favourites are:

After this is complete, you’ll also need to purchase a domain name. This is generally some variation of your business name (if this is still available) including acronyms. Make sure it’s easy to read and easy to type; you don’t want potential customers getting lost on their way to find you.

Setting up

After you’re happy with the design, it’s now time to upload your products. The process of uploading your items will depend on the CMS you have chosen, however, there are a few fundamental things you should keep in mind when doing so. For example, categorisation of your products is essential to allowing your products to be easily found. If a customer lands on your page and can’t find what they’re looking for in a few simple clicks, you’ve likely lost out on a sale.

Integrating a shopping cart

In order for your customers to be able to shop on your website, you’ll need shopping cart functionality. A shopping cart is essentially a piece of software that users can add their desired purchases to in order to facilitate a purchase. Shopping carts may be self-hosted and integrated into your website with a plugin or downloadable software or hosted by a third-party. With a hosted shopping cart, all you need to do is sign up with the chosen company and you’ll be on your way to start processing payments. There are many hosted shopping carts available, but some of our favourites would have to be:

Processing customer transactions

Undoubtedly the most important aspect of setting up your ecommerce website is having the ability to complete transactions. Regardless of the payment options you’re intending to offer, you’ll need to implement payment processing, including the following:

  •  Payment Gateway

As the name suggests, a payment gateway is the entry point for taking customer payments online. It’s like a cash register at the store, allowing you to accept payments for your goods or services. For security reasons, ecommerce stores cannot process payments directly through their site and thus, the payment gateway acts as a middle man between the customer and the payment processor.

So how does it work?

A payment gateway secures the payment process, meaning customers will be more comfortable spending their money with you. It does this by encrypting data through your secure sockets layer (SSL) and sending it through to the bank to regulate whether or not it’s a valid payment.

  • Payment Processor

A payment processor is the financial entity that processes payments behind the scenes, providing a link between the payment gateway and merchant account. It sends information rapidly to and from these links in the chain to provide a speedy service for the customer. In general, your payment processor will have an agreement with either the acquiring bank or the payment gateway, allowing them to offer a dual service to the merchant.

  • Merchant Account

A merchant account, also known as a merchant ID (MID), is a bank account designed specifically for accepting payment via debit and credit cards online. Your Merchant Service Provider (MSP) will generally be able to provide this account through either affiliation with one of the big banks or as part of their internal services. While there are many merchant accounts available to businesses looking to sell online, they can vary significantly in monthly fees so it’s beneficial to do some research before locking yourself in.

The payment process in action

To help you understand how these processes work, let’s take a look at them in action.

Mel is browsing her favourite shoe store online and decides to buy a new pair of sneakers for herself. She adds the item to her shopping cart, heads to the checkout and enters her credit card information.

As the purchase is processing on her laptop, within a couple of seconds the payment process occurs:

  • Mel’s transaction information is passed from the payment gateway through the payment processor and on to the merchant account
  • The payment processor connects with the Credit Card Network to locate Mel’s bank and then verifies her credit card to ensure the payment is valid
  • Mel’s bank accepts the transaction as she is using a valid card that hasn’t gone over the credit limit
  • The payment processor then responds to the payment gateway with the information that the payment is approved, allowing the merchant website to complete the purchase
  • The merchant is then notified of the transaction and processes Mel’s order
  • Mel’s bank transfers the required money across to the merchant’s bank
  • Once the settlement period has expired, the money is then deposited into the merchant account

Ecommerce and Latpay 

Latpay offer a range of merchant services to help get your ecommerce store up and running in no time. With innovative technology and endless integrations, we can help you elevate your shopping experience to help you convert more customers. With options to set up your merchant account and integrate our payment gateway into your shopping cart, our robust payment platforms offer the most effective way for processing transactions online.

For more info on our comprehensive merchant facilities, follow the link or get in touch with our team on 07 5515 0402

Learn more about merchant facilities here.

Getting Started for Business with Merchant Services

Whether you’re starting up a new venture, taking your business to the next level or expanding your avenues, having the right Merchant Services for your needs is absolutely essential. To help you kick off sales this quarter, let’s run through what Merchant Services are and the various options available to you.

What are Merchant Services / MSP?

Merchant services are the terminals, technology or software employed by a business to take payments by EFTPOS, credit and debit cards. Therefore, the MSP or Merchant Service Provider is the company that manages the operation of these systems. After taking card payment, the chosen system would then settle the payment into the bank account linked with the terminal or software provider.

So which payment system should I choose for my business?

It all depends on your business needs; small businesses, for instance, would have different payment requirements to a large corporation. By the same token, a brick-and-mortar retail store would have different needs to a professional service provider.

There are loads of options available to all kinds of businesses. Let’s take a look at some of these now.

In-store terminals / Point of Sale (POS)

An in-store terminal or POS system is the method employed by a business to take payment for their goods or services at the cash register. This is a combination of software and hardware, including a monitor, barcode scanner, card reader, receipt printer and cash draw. The software component of a POS terminal may be deployed on premise via installed software or through a cloud-based system commonly known as Software-as-a-Service (SaaS). Cash and Eftpos terminals are primarily used in brick-and-mortar stores as they lack mobility or capacity to take online payments.

mPos (mobile POS)

 mPos solutions are a really convenient way of taking payments on the go. You don’t even need a website to get started, as payments are taken directly through an app on your mobile. This type of payment solution is perfect for pop-up businesses, personal trainers, sales reps and anyone who needs to take payments while on the road. mPos software also allows you to accept a range of payment options, including tap-and-go, to ensure you’re offering your customers the method they’re most comfortable with.

eCommerce / Shopping Carts

For eCommerce businesses, having a secure and reliable online payment solution is critical. Essentially, your chosen shopping cart will be integrated into your website, which will then connect with your MSP. Reliable shopping carts can provide seamless checkout processes for your customers and therefore encourage repeat purchases. Most innovative MSPs will be looking to expand their integrations and offer custom integrations, so keep an eye out for this when acquiring their services.

Hosted Payment

A hosted payment page allows you to accept payments through your website by redirecting customers to your MSPs hosted payment page. This method is an economical way of taking payments as there are no development or security fees involved with implementation. A good MSP will also be able to offer a branded page that reflects your website to make users feel like they haven’t moved away from your page.

What to look for when choosing an MSP?

For obvious reasons, merchants are eager to partner with a reliable and reputable MSP to manage their business transactions. However, this market is becoming increasingly saturated and it can be difficult for new businesses to distinguish which company will work best for them. If you’re looking to acquire your first MSP (or are unhappy with your current service), here are a few of our top tips to choosing the best MSP for your business:

  1. Before approaching an MSP, do some research into the options you are interested in acquiring for the specific needs of your business. If an MSP doesn’t offer the services or systems you’re interested in, move on to the next one.
  2. Look into the costs and recurrent fees of each MSP, making sure that your chosen one is good value for money compared with their competitors.
  3. Read the terms and conditions in the product disclosure statement or financial services guide to make sure you fully understand the level of service they are offering and whether it aligns with your needs.
  4. Look for online reviews and customer stories about their customer support; if many of their customers seem unhappy with the service, then maybe this particular MSP isn’t the best choice.

Why Latpay?

Latpay have more than 17 years’ experience delivering merchant facilities and bespoke payment systems to businesses of all shapes and sizes. We deploy robust, secure and innovative technology to allow your business to thrive – all with Level 1 PCI compliance. We also offer 24-hour dedicated technical support to ensure we’re here when you need help. To find out more about Latpay’s Merchant Facilities, follow the link or give us a call on 07 5515 0402

 

Payment Hub

Nuggets & Latpay Partner to Bring Secure Blockchain-Powered Payments to Global Merchants

Lateral Payments Solutions adopts blockchain-powered payment interface from Nuggets to create next-generation payment solution –

London, UK – 03 January 2019: Nuggets, the blockchain-powered decentralised digital identity and payments company has today announced a key partnership with Lateral Payment Solutions, who will integrate the award-winning interface into their globally connected payment platform, to deliver next generation innovative technology to their merchants.

The integration of Nuggets’ technology with existing payment rails will mean merchants utilising the Lateral Payments Solutions platform no longer have to access or store consumers’ personal data. It will also remove the need for usernames and passwords, and the need to store personal information with third parties.

Alastair Johnson, CEO and Founder of Nuggets, said: “We’re delighted to be integrating with Lateral Payment Solutions, which will extend the reach of Nuggets to consumers who want to use it to pay with credit and debit cards. Lateral Payment Solutions has identified the significant opportunity of frictionless digital identity, payment and verification through blockchain, and we’re looking forward to maximising that opportunity with them.”

Since 2001 Lateral Payment Solutions has processed millions of transactions, across an extensive and diverse merchant portfolio. The integration with Nuggets will involve connecting the payment gateway via merchant digital identity to avoid the need for usernames and passwords – made possible by Nuggets’ unique blockchain solution.

Nuggets will continue to facilitate ‘anything, anytime, anywhere’ payments for Lateral Payments Solutions, building upon their existing technology base. The partnership announcement comes at a critical time within the payment sector, with the pending implementation of the EU’s Second Payment Services Directive (PSD2) forcing providers to meet more stringent criteria.

Ian Vidamour, Director of Lateral Payment Solutions said “Our merchants process fast and simple payments via our platform – but they’re also increasingly concerned about how retailers and payment providers store their personal data. Our collaboration with Nuggets, and our integration of their blockchain technology tightened security around the storage of personal information which is why we’re so excited about this partnership”.

-ends-

Media Contact:
Sarah Wright
Cryptoland PR
+44 (0) 781 484 5376
sarah@cryptolandpr.com 

About Nuggets
Nuggets is an e-commerce payments and ID platform. It stores your personal and payment data securely in the blockchain, so you can make simple e-commerce payments and other transactions, without having to share your personal data with anyone – not even Nuggets.
For more information please visit: https://nuggets.life/

About Lateral Payment Solutions
Latpay are a leading Payment and Merchant Service Provider in UK, Australia and Canada offering an integrated online payment solution to businesses around the world. Comprising industry-leading payment technology, exceptional fraud and risk management capabilities, Latpay are proud to provide complete payment solutions to both conventional and bespoke e-Commerce challenges. For more information please visit latpay.com.au

Latpay Image For PCI Compliance

How Does your payment service provider tackle PCI compliance?

The Payment Card Industry Data Security Standard (PCI DSS) encompasses any business that takes payment via credit card, regardless of their size or industry, so it’s vital that you understand what protection your payment provider is offering and what they’re expecting you to tackle on your own.

While some providers may charge security and compliance as an additional service, most of us would expect that these come as part of your monthly fees, right? After all, they are the ones selling you the service, so should security and compliance not therefore be part and parcel of that service? Unfortunately, this isn’t always the case and it’s becoming more and more evident that some payment companies are profiting from this rather than helping you achieve the goal you set out to achieve when acquiring their services – growing your business.

Determining your PCI Compliance requirements

Regardless of whether you are a service provider, online retailer or brick and mortar store, the level of compliance for your business needs to be considered before you can truly understand what your requirements are and whether the additional costs are justified. If you’re handling, processing or storing cardholder data you will be required to meet compliance guidelines depending on how you process the payments.

The PCI Security Standards Council created 4 simple Self-Assessment Questionnaires (A, B, C & D) to help businesses validate the level of compliance they require, relating to whether your business does or does not handle, process or store credit card data. For instance, if your business takes credit cards via a hosted payment page like that offered via Latpay, you would only be required to complete SAQ A.

If, however, you take credit card payment and then store their information for quick future purchases, you’ll be required to complete SAQ D – the longest of the 4 containing around 250 PCI DSS requirements to adhere to.

To help you determine whether your provider is offering the services required by your business, let’s take a look at the top 5 things to look out for when acquiring a payment service provider:

Level 1 PCI Compliance
PCI compliance requirements change dependent on the size of your organisation and how many card transactions your process annually. Regardless of your business specifics, you should hope that your service provider is PCI DSS Level 1 certified, the highest possible level of compliance that can be achieved. This means that the responsibility of dealing with PCI can be shared with your provider, rather than worrying about it yourself in-house. It also gives you peace of mind that their systems consistently adhere to stringent guidelines associated with accepting, processing, storing and transmitting card information.

Secure Cloud Hosting
It’s fairly common knowledge that you shouldn’t be storing any credit card information to your website. For this reason, secure cloud hosting is one of the most infallible ways to securely house information away from your site, so make sure to check with your payment provider what methods they’re using for hosting. While you may have doubts about the security of storing sensitive data in the cloud, in reality it’s far more secure than physical system storage due to cloud providers’ dedication to the latest and greatest in security technology. Using global data centres with the highest standards for security and data privacy on the market, secure cloud hosting is reliable and resilient against a range of risks and threats and should definitely be included in your payment service provider SLA.

Secure Hosted Payment Page
If your business offers a hosted payment page for your customers, ensuring that page is secure is absolutely critical. This is due to the fact that all data sent over the internet is passed through any computer sitting between you and the end server, including credit card information. To mitigate the risk of a data breach, your payment provider should protect the page by encrypting this data with a Secure Socket Layer (SSL) certificate, allowing for a secure connection between device and server. Going the extra mile, your payment provider should be able to offer data tokenisation so that a customer need not re-enter their details each time they purchase online.

Data tokenisation
Data tokenisation is one of the most critical ways to safeguard your sensitive customer data and should be a must-have for your payment service provider.

Similar to the more commonly known process of encryption, tokenisation transforms important data like credit card details into a random set of characters that will be essentially useless in the hands of a cybercriminal.

This is due to the fact that, while the token signifies the original data, it uses a completely random method to be generated and therefore cannot be deciphered. Unlike encryption which uses a mathematical algorithm, a token can only be decrypted through what is known as a ‘token vault’ which houses the association between the data and the token. Further increasing information protection for your customers, the data housed in the token vault is then secured by way of encryption. With guaranteed security of any card data stored on servers, a token vault removes the hassle of data storage and enables descoping of customer data within the merchant landscape.

Fraud Management Services
What fraud management services is your current or prospective provider offering in your SLA? One of the very first things a good payment provider will do is conduct a tailored risk assessment based on your level of acceptable risk to determine how stringent your processes ought to be. As a standard, you should expect that every transaction is verified by a secure fraud management engine. You should also expect that there be some form of real-time fraud mitigation processes in place, complimented by a dedicated fraud management team to share information with you on fraudulent data and potential risks, as well as offline human analysis for increased comprehensive data security.

What should you do if your service provider isn’t making the cut?

If you find that your payment service provider isn’t offering you the highest levels of data security and PCI compliance, or is doing so at an additional cost, it’s time to start shopping around because you’re paying over the odds..

As a leading Payment and Merchant Service Provider in Australia, UK and Canada since 2001, Latpay offer superior fraud management capabilities and data tokenisation services to online businesses around the world.

With industry-leading technology, exceptional Level 1 PCI compliance and fraud management proficiencies, Latpay are proud to provide a truly complete payment solution to conventional and bespoke e-Commerce ventures for companies of all shapes and sizes.

Talk to us on +61 7 5502 6686 to see how we can alleviate the hassles of security and compliance, so you can get back to what you do best.