In this part we’re going to focus on the various payment methods, things to consider when choosing your payment gateway, integration with your chosen shopping cart system, payment restrictions, security and the payment landscape.
What we aren’t going to focus on here are the numerous payment gateways out there and nit-pick between all of them.
This is a long post, so let’s get to it.
Omnichannel payments are becoming a cornerstone and trademark of ecommerce, there are literally dozens of ways to pay online with new payment methods continually being developed and existing methods being improved upon.
Here is a look at not only the payment methods that we offer, but also some of the other methods available out there.
Credit cards are the most widely used online payment method and allow sellers to accept both local and international payments. Any merchant should make card payments their first priority when setting up their payment methods.
As an example, with PayFast merchants can accept payments from two of the most widely used card providers Visa and Mastercard. There are other payment providers that offer the likes of American Express and Diners Club, but bear in mind that there cards carry higher costs and odds are that the client using one of those cards will also have a Visa or Mastercard…
- Ease of use
- Receive local & international payments
- Payments reflect immediately in your payment gateway account
- Built in fraud protection
Instant EFT is PayFast’s patented method of completing online purchases by making an internet banking transfer, and unlike traditional EFT payments it gets instantly verified. There is no two day wait*, you don’t need to send in proof of payment** and it can be used with a variety of South African banks.
- Clears immediately; no two day wait*
- No proof of payment required**
- No delays during checkout
- Works on all browsers and platforms
*Occasional clearing delays with the banks are beyond our control.
**In the event of a clearing delay or incorrect submission of reference info a proof of payment may be required in order for PayFast to clear the payment.
Mobicred is an online account that gives buyers access to credit, which they can use on PayFast. The facility works in a similar fashion to retail store credit: only online. Mobicred charges interest rates comparable to those of credit card providers and only levies monthly fees while the account is used (unlike most credit cards).
- Payments clear instantly
- Gives access to buyers without credit cards
- Available to buyers from most SA banks
- No risk of chargeback or default to seller
Masterpass is a simple, convenient, trusted digital wallet from Mastercard for faster, safer shopping at online merchants.
A digital wallet makes online shopping safer and easy by storing payment information in one secure place.
Masterpass works with all major credit, cheque and debit cards and secures the users data using industry leading technology.
- Ease of use
- Simpler checkout (reducing cart abandonment)
- Payments reflect immediately in your PayFast account
- Advanced fraud protection
In addition to credit and cheque cards, you can also accept debit card payments with PayFast. Debit cards are much more prevalent in South Africa than credit cards and you’ll get access to the millions of buyers without credit cards. Transactions are final and there is no risk of chargeback to the seller.
Choosing your Payment Gateway
Nowadays there are plenty of payment gateways to choose from and this is where things can become complicated.
Here are just a couple things to consider when choosing your payment gateway:
- Is the payment gateway supported by your chosen ecommerce platform?
- Always try to choose a payment gateway that already has a plugin for your ecommerce platform.
- You can view the ecommerce platforms that integrate with PayFast here.
- Do you have a merchant account?
- Some payment gateways (like PayFast) offer an all-in-one payment solution. Others only provide the payment gateway service and require you to have your own merchant account. Generally, if you’re starting up using a provider that offers both is the most cost effective choice.
- How do you want to take payment details from customers?
- Payment from on your site and details sent to your server – not the most secure, not cost effective and you are directly responsible for security.
- Payment form on your site and details NOT sent to your server – a compromise of sorts and although you have fewer security concerns, it is still far more than with a redirect or iFrame.
- Redirect or secure iFrame – the most secure option, but probably won’t match the look & feel of your site.
- What payment methods does the gateway offer?
- Always make sure that the payment offers at least some or all of the payment methods that you would like to use.
- Make sure that the payment methods offered are the methods most commonly used in your market.
- What are the Fees?
- Does the payment gateway charge monthly, set-up fees, fixed per-transaction fees, variable fees…etc. – this is a big one and shouldn’t be overlooked as it will directly impact your bottom-line.
- This may seem obvious, but the fees displayed will more than likely be excluding VAT (yes payment gateways pay tax too) – we get asked about this a lot!
- Is there a contract?
- Some payment gateways lock you into contracts, while others give you the freedom to use the service without the need for contracts or monthly fees. If you aren’t happy with your chosen provider would you rather be locked into a two-year contract, or would you rather have the freedom to move on as you desire?
- Do you want to use more than one payment gateway?
- A lot of shopping carts allow for the use of multiple payment gateways. This can be useful in offering additional payment options that your primary gateway may not offer, or as a backup if your primary payment gateway has any problems.
- Be aware of the fact that this is South Africa and not all payment gateways transact in rands, this becomes an issue when you have set your base currency as rands and the alternate payment gateway simply doesn’t support the option.
- Local vs international payment gateway?
- The major difference between local and international payment gateways is that the local service transacts in rands, whereas the payment gateways that are based overseas transact in their respective currencies (e.g. US dollar), even in South Africa.
- With PayFast, merchants will receive payouts into a South African bank, which is not generally the case with overseas payment providers.
- Overseas payment providers fees are higher on average than PayFast’s and don’t forget about those currency conversion costs, which you don’t have to worry about with us.
- With PayFast your funds clear within 48 hours, while with overseas payment providers this process takes considerably longer (up to 21 days).
- Is the gateway reputable?
- Payment processing is serious business and it’s critical to your business, so you’ll want to pick a gateway that has a good reputation and is well known, as opposed to a one that nobody has ever heard of.
- Another thing to consider is if the gateway has had any significant breaches or security issues, especially in recent times.
- You might want to look at how the gateway treats their merchants and if there are any glaring issues there. Don’t necessarily just focus on public and social media complaints though, since those tend to be inflammatory, one-sided and often don’t take into account the gateway’s perspective…so take this information with a pinch of salt. It’s often best to speak directly to merchants using both your chosen platform and potential gateway to get the most well-rounded feedback.
- Does the payment gateway offer decent security and support?
- This is ultimately a “how long is a piece of string” question, because all reputable payment gateways offer some level of support and security, if your gateway doesn’t, then you could be in for a world of hurt down the line.
- Check to see if the payment gateway in PCI compliant and what level they are at.
- Does the payment gateway respond to support queries within a reasonable amount of time?
- How much security and support do you get when using a particular shopping cart & payment setup? Some setups mean that you will take on the security risk (as mentioned earlier), but also if the shopping cart integration was done by the shopping cart platform then support would more than likely come from the shopping cart platform as opposed to the payment gateway. In this scenario the payment gateway would only provide support relating directly to payment processing.
Payment Gateway Integration
Because ecommerce has developed so significantly over the last decade or so, setting up payments is now easier than ever.
Don’t worry if you’re not looking to integrate with one of our existing integrated platforms or just want a simpler payment option, PayFast also provides the following integration options:
Request payment via email
Generate a ‘Payment Request’ link and send it to your customer via email directly from your PayFast account.
Quick easy solution without the need of any additional systems or websites.
HTML ‘Pay Now’ button
Paste a ‘Pay Now’ button on your website.
Add a payment button on your website – no need for any additional systems or shopping carts.
Do you have special requirements, a large store or a big budget? Maybe you are or have access to a developer, and would like to know how to integrate with PayFast.
But if you’re like most ecommerce merchants then you’ll more than likely be wanting to integrate your payment gateway with one of the major ecommerce platforms.
Integration can still be tricky and require a fair amount of work if the payment gateway hasn’t yet integrated with your chosen platform. Thankfully PayFast has already integrated with many shopping cart platforms to make setting up payments a breeze.
Something that is often overlooked when signing up with a payment gateway are the restrictions that a gateway might have. Here is a look at some of the common restrictions:
Credit Card Limit
Per transaction card limits are put in place to protect both the payment gateway and merchant from potential fraud and other risks. You can generally request to have this limit increased and certain factors will be taken into consideration when doing so:
- Your history with the payment gateway
- The nature of your business
- The new limit required
- Where you expect transactions to be coming from
Once your limit has been increased, it is not uncommon for a retained balance to be added to your account.
A retained balance is a portion of funds which you will not be able to withdraw from your account until a certain period of time has passed once you close the account (eg. 90 days).
You can think of this retained balance as a security deposit, the size of which is determined by the risk associated with your account. The higher the level of risk, the higher the retained balance.
Not all payment methods offered by your payment gateway will be available to international buyers, make sure that you are aware of what is available to them and advise potential international buyers accordingly.
Receive funds in other currencies
If your payment gateway is a South African company then they are only allowed to accept rand as payment by law. Even if your store displays the price of an item in another currency your base currency will be in rands.
Not all payment gateways allow for receiving recurring payments. Make sure to cater for this should your chosen gateway not provide this service.
Be sure that you know when and where your funds will be paid out to. For example, most payment gateways will only payout into local bank accounts. It’s also a good bet that your gateway won’t payout funds to a credit card.
Payouts will generally need to be requested and payments are subject to 48 – 72 hour holding periods before a payout can be requested, thereafter it could take up to 2 working days for the funds to reflect in your bank account.
The fundamentals that you want to consider when it comes to security are:
How secure is the payment gateway? (Using PayFast as a bench mark)
- PayFast is PCI level 1 compliant (the highest level)
- PayFast is developed with the same demands on security and performance as web sites used for banking services and share trading. Your account login, personal details and all money transactions are secured using Secure Socket Layer (SSL) technology with high security 256 bit encryption.
- Your sensitive financial information (like credit/debit card details) is never sent to the people/businesses you make payment to.
- We make use of 3D Secure to further enhance the security of credit card transactions on PayFast.
If your chosen payment gateway doesn’t meet these criteria then you should consider looking elsewhere.
How do I make sure that my account is as secure as possible?
- Login restrictions by hostname / IP or Country
- For added security it is possible for you to restrict your login to your account to a hostname/IP address and country. This will prevent anyone accessing your account from unauthorised locations/devices and notify you if anyone is attempting to do so.
- Two-Factor Authentication
- Two-factor authentication is a simple method of asking for something you know (your password) and something you have (your mobile phone). After you enter your email address and password, you’ll be prompted to enter a code. This code can be generated using a free iPhone/Android app called Authy, or you can have it sent to you via SMS.
- Abnormal login notifications
- The abnormal login notification sends an email to notify you if there is a login to your account from a location which is outside of your normal behaviour.
What can I do to prevent Fraud?
- Restrict credit cards from certain countries
- One of the easiest ways to secure yourself against online fraud is to limit receiving funds from credit cards issued in the country that your online business serves.
- Be aware of suspicious emails (phishing scams)
- Phishing scams happen when a fraudster contacts you, claiming to be a representative of PayFast or you receive fake “automated” system messages which appear as if they were sent by our system. The goal is to trick you into believing that a payment has been made to your account and getting you to deliver items you might be selling or to retrieve sensitive financial information from you.