|
SECURE
TRANSACTIONS
Shopping Online
is all about convenience, if your web site is going to sell,
then when it comes to the actual purchase your customers will
want to buy then and there. An easy way to give your customers
that convenience is to offer secure credit card transactions
online.
This article is
a simple explanation of how to set up for secure credit card
transactions on your web site.
Internet
Merchant Accounts
To allow
customers to buy online at your web site with secure credit card
transactions you need to set up a Internet Merchant Account with
a financial institution that is capable of accepting credit card
payments via the Internet.
Unfortunately
most Australian Banks consider an Internet business to be a high
risk when it comes to credit card fraud.. This is because the
merchant does not actually see either the customer or the credit
card. This high risk factor has hindered most Australian banks
from offering Internet Merchant Accounts and the type of credit
card processing necessary for payments to be made to an Internet
store.
See the list of Australian
Financial Institutions that do provide these services.
When you have
established an Internet Merchant Account, the credit card
company (Visa, Mastercard etc) deposits the payments from
transactions on your web site into your merchant account. The
financial institution then periodically transfers the money
electronically from your merchant account into your business
account.
Your financial
institution that holds the Internet Merchant Account will send
you a monthly statement just like the one you get from your
business account. It will contain a record of all deposits, fees
that have been taken out, and the number and amounts of
electronic transfers made to your regular business account. You
will be able to match that information with the statement from
your regular business account to balance your monthly statements
etc.
Merchant rates are fees you pay
to the bank and credit card company for using their services.
Merchant rates for Internet merchant accounts are generally
higher than they are for a regular merchant account because of
the risk factor. There are also per-transaction fees.
You
will find a summary of the fees and charges etc in the
Australian Financial Institutions that offer Internet Merchant
Accounts bit.
Secure
Processing
Once
you have set up your Internet Merchant Account you can begin to
offer credit card transactions via your web site....but adding
security and 'real time' confirmation that you have received
their payment will speak credibility to your customers...
Processing
secure credit card transactions in 'real time' simply means that
the transaction takes place immediately, just like it would in a
physical store. But it's faster because your customer doesn't
have to wait in line. Several customers can check out of your
online store at the same time. Wow....what convenience huh?
For a
transaction to be secure, it must be transmitted electronically
from your site in some form of encryption.
The most common form is SSL (secured sockets layer). There are
different levels of SSL, ranging from 40 to 128 bits. The type
of encryption, e.g., 128-bit, is determined by the algorithm
that is used. Of course the more bits the more cost also...
SSL provides
three important things: privacy, authentication and message
integrity. In an SSL connection, each side of the connection
must have a security certificate, which
each side's software sends to the other. Each side encrypts what
it sends, using information from both its own and the other
side's security certificate.
This ensures
that only the intended recipient can decrypt the information,
and that the information came from the place it claimed to have
come from. It also ensures that the message has not been
tampered with.
There are some
further advances that let you verify that the person at the
other end of the transaction is who they say they are. This is
called Personal Key Infrastructure and will be the subject of
another article.
Another form of
fraud protection, which is not yet available in Australia is AVS.
(address verification system) This verifies that the information
provided by the customer matches the information the credit card
company has on file for the credit card number. AVS can greatly
reduce your chances of accepting lost, stolen or fraudulent
credit cards, and thus can reduce the number of your chargebacks.
Australian Financial Institutions have been slow to run with
this one because it moves the onus of credit card fraud from the
Merchant (You) to the Bank....really I don't believe a bank
would do that?
Australian
Financial Institutions offering Internet Merchant Accounts
IBS queried
some Australian Internet active Financial Institutions: Westpac,
Commonwealth Bank, ANZ, Suncorp Metway, St George and National
Australia Bank on Internet Merchant Accounts.
TO
SEE THE RESULTS CLICK HERE
Techy
Terms:
encryption
- As more and more account numbers, credit cards, and personal
information begins streaming through the web, it becomes ever
more important to adopt some form of data protection.
The most common form of data
protection is encryption. An encrypted transmission is a
transmission that contains plain text data which has been
mathematically altered so as to be unreadable, but which can be
transformed back to the original by a reverse mathematical
algorithm.
Consider the simple encryption
algorithm used in Arthur C. Clarke's 2001 of letter =
letter + 1 in which HAL is turned into IBM. Notice that H + 1 =
I, A + 1 = B and L + 1 = M
Of course modern cryptographic
algorithms are MUCH more complex and hard to solve backwards.
Chargebacks
- occur when a processing bank is forced to reverse a
merchant sale because the cardholder's bank disputes the sale.
In this case, the merchant has the opportunity to appeal and
prove that the sale is valid.
|
