Payment and E-Commerce
CS453
Tom Horton
Readings: Wikipedia, websites,
perhaps Chap 15 in Treese and Stewart
Copyright 2009 T. Horton
1
Outline
Focus on Credit Card Issues
Copyright 2009 T. Horton
2
Payment Cards
Credit Cards, Charge Cards, Debit Cards
 On-line debit cards, e.g. ATM cards
 Rely on a PIN
“Card Not Present” Transactions
 Over phone, website
 Fees to retail merchant higher
 Card present: typically $.25 plus 1.5%-3%
 Card not present: 2.5%-5%
Note fees affect profitability for small
purchases
 Other solutions? See Treese and Stewart on
“micropayments”
Copyright 2009 T. Horton
3
Credit Cards Support E-commerce Well
For the business:
 Immediate payment
 Financial clearinghouse
For the consumer:
 Credit
 Liability, Insurance
 Customer service, dispute resolution
For both:
 Global service, currency conversion
 Record keeping
 Enabling of trust
Copyright 2009 T. Horton
4
Credit Card Transaction Flow
 Authorization vs. Settlement
1. Merchant requests authorization (permission and a
hold) from Acquiring Bank
2. Acquirer forwards request to Interchange Network
(e.g. MasterCard, Visa)
3. Forwarded to Issuing Bank, which approves or
denies the authorization
4. Settlement (funds actually move):
 Later: when goods shipped, at end of business day
 Immediately: electronic goods
See Figure 15-1 in Treese and Stewart and
accompanying explanation
Copyright 2009 T. Horton
5
Merchant Accounts
 So you want to accept credit cards?
 You need a Merchant Account at the Acquiring or
Merchant Bank
 Settlement moves funds into this account
 The bank must consider:
 Type of business
 Risk of fraud, contested charges
 5% of charges are on-line, but 50% of total $$ fraud are from
on-line transactions
 So how to make this happen?
 You need a “Payment Gateway”
 Contract with a Credit Card Processing Service Provider
Copyright 2009 T. Horton
6
Payment Gateway
Equivalent to a store’s “point-of-sale” (POS)
and what that does
You have a pretty good idea what these do
 But see Wikipedia also:
http://en.wikipedia.org/wiki/Payment_gateway
Copyright 2009 T. Horton
7
Credit Card Service Provider Flow
1. Merchant contacts Credit Card Processing
Service
2. Service obtains authorization from Issuing
Bank
3. Issuing Bank transfer money to Merchant
Bank
4. Merchant notified transaction settled
 Customer too
Copyright 2009 T. Horton
8
What’s Provided
 From a company like Charge.Com or CardService
International, you get:
 A merchant account
 Access to the payment gateway
 A secure means for customers to enter their credit card
information
 You pay:






Copyright 2009 T. Horton
Start-up cost (sometimes)
Monthly gateway fee ($10-$20)
Statement fee ($10/mo)
Transaction fee (fixed, $.25)
Average discount rate (% of transaction, 2.1-2.4%)
Address verification fee ($.05)
9
Check These Out
CardService International
 http://www.cardservice.com/
Charge.Com
 http://www.charge.com/
Authorize.Net
 http://www.authorize.net/
 Integrating this into PHP:
http://www.merchant-accountservices.org/article/authorize-net-phpintegration
Copyright 2009 T. Horton
10
Behind the Scenes
Secure transmission of credit card
information a must!
Clearly SSL comes into this
Also more specific work-flows:
 SET
 3D Secure
Copyright 2009 T. Horton
11
An Alternative
PayPal
 PayFlow Pro:
https://www.paypal.com/cgibin/webscr?cmd=_payflow-pro-overviewoutside
What are the pros and cons of using PayPal
vs. one of the other services?
Copyright 2009 T. Horton
12