Payment and E-Commerce CS453 Tom Horton Readings: Wikipedia, websites, perhaps Chap 15 in Treese and Stewart Copyright 2009 T. Horton 1 Outline Focus on Credit Card Issues Copyright 2009 T. Horton 2 Payment Cards Credit Cards, Charge Cards, Debit Cards On-line debit cards, e.g. ATM cards Rely on a PIN “Card Not Present” Transactions Over phone, website Fees to retail merchant higher Card present: typically $.25 plus 1.5%-3% Card not present: 2.5%-5% Note fees affect profitability for small purchases Other solutions? See Treese and Stewart on “micropayments” Copyright 2009 T. Horton 3 Credit Cards Support E-commerce Well For the business: Immediate payment Financial clearinghouse For the consumer: Credit Liability, Insurance Customer service, dispute resolution For both: Global service, currency conversion Record keeping Enabling of trust Copyright 2009 T. Horton 4 Credit Card Transaction Flow Authorization vs. Settlement 1. Merchant requests authorization (permission and a hold) from Acquiring Bank 2. Acquirer forwards request to Interchange Network (e.g. MasterCard, Visa) 3. Forwarded to Issuing Bank, which approves or denies the authorization 4. Settlement (funds actually move): Later: when goods shipped, at end of business day Immediately: electronic goods See Figure 15-1 in Treese and Stewart and accompanying explanation Copyright 2009 T. Horton 5 Merchant Accounts So you want to accept credit cards? You need a Merchant Account at the Acquiring or Merchant Bank Settlement moves funds into this account The bank must consider: Type of business Risk of fraud, contested charges 5% of charges are on-line, but 50% of total $$ fraud are from on-line transactions So how to make this happen? You need a “Payment Gateway” Contract with a Credit Card Processing Service Provider Copyright 2009 T. Horton 6 Payment Gateway Equivalent to a store’s “point-of-sale” (POS) and what that does You have a pretty good idea what these do But see Wikipedia also: http://en.wikipedia.org/wiki/Payment_gateway Copyright 2009 T. Horton 7 Credit Card Service Provider Flow 1. Merchant contacts Credit Card Processing Service 2. Service obtains authorization from Issuing Bank 3. Issuing Bank transfer money to Merchant Bank 4. Merchant notified transaction settled Customer too Copyright 2009 T. Horton 8 What’s Provided From a company like Charge.Com or CardService International, you get: A merchant account Access to the payment gateway A secure means for customers to enter their credit card information You pay: Copyright 2009 T. Horton Start-up cost (sometimes) Monthly gateway fee ($10-$20) Statement fee ($10/mo) Transaction fee (fixed, $.25) Average discount rate (% of transaction, 2.1-2.4%) Address verification fee ($.05) 9 Check These Out CardService International http://www.cardservice.com/ Charge.Com http://www.charge.com/ Authorize.Net http://www.authorize.net/ Integrating this into PHP: http://www.merchant-accountservices.org/article/authorize-net-phpintegration Copyright 2009 T. Horton 10 Behind the Scenes Secure transmission of credit card information a must! Clearly SSL comes into this Also more specific work-flows: SET 3D Secure Copyright 2009 T. Horton 11 An Alternative PayPal PayFlow Pro: https://www.paypal.com/cgibin/webscr?cmd=_payflow-pro-overviewoutside What are the pros and cons of using PayPal vs. one of the other services? Copyright 2009 T. Horton 12