Author Message
dang
Accepting Credit Cards on Grex Mark Unseen   May 6 21:09 UTC 1999

Over the past 2 months, I've been researching possible companies and methods
for Grex to accept payment via credit card.  For those of you not familiar
with credit card charges from the merchant's end, here's a brief description,
along with some definitions.

Basically, there are three things necessary to make a charge on a credit card:
1. A merchant account.
2. A method of sending information to the processing company.
3. A company (usually a bank) to process the actual charges.

All three of these things cost money, and, in a traditional storefront, the
merchant would pay for all of them.  I'll get back to our options after
definitions.

Definitions:

Merchant Account: This is an account that a merchant makes with a bank.  It is
analogous to a credit card account for an individual, but it allows the
merchant to accept charges and get money, rather than spend it.  It requires a
credit check and an application fee, similar to a credit card.  Usually, it
does not require any regular fees, but the setup fee can be large.  I've seen
them range from $75 - $500.  Each account is associated with a business, and
the name of that business is what appears on the charge receipt.  Ordinarily,
we'd need to get one, but there are a few scenarios where we don't need one.

Card Reader (or Swiper): This is a piece of physical hardware, which just
about all of you will have seen in a store.  It requires the physical presence
of the CC, so it can be run through the machine.   It then dials a phone line
to connect to the processing company and automatically sends the information,
and receives the confirmation number or rejection notice.  It is either
bought (ca. $500-$700) or rented/leased (ca. $20-$50/mo.).  It is the "normal"
way of accepting credit cards, and is the most secure because you have the
signature of the person and the card so you can compare.  Obviously, this will
not work for us, because we won't have the cards.

Card Processing Software: This is the main alternative to a card swiper. It is
software that accepts the CC number, expiration date, and billing address and
connects to the processing company either via a direct modem call or via a
secure internet connection, and makes the processing request.  It then returns
with the confirmation number or rejection notice.  Because you don't have
signatures, it requires the billing address and costs more to process.  The
software comes in two main forms: PC and Website.  The PC form runs on a PC or
Mac, and requires us to manually enter the information we obtained via some
method, such as a secure webserver or secure email or via the phone.  The
website form actually runs on the secure webserver itself, and gathers the
information directly from the consumer.  It then automatically runs the
processing, and returns the result immediately to the consumer.  The software
is either bought or rented/leased, and usually is priced the same as that
company's card swiper.

Processing Company:  Someone in the financial world needs to do the actual
charge processing.  This is usually a bank, and usually a bank that issues
credit cards.  The card information is gotten to the processing company, and
that company contacts the issuer of the card and checks to see if that is a
valid card with correct information and that the owner has enough credit to
handle the charge.  If so, the charge is made to the card and the money
transferred to the processing company.  The processing company then returns an
acceptance, and the money, less some percentage as a processing charge, is
transferred to the merchant's bank account.  This usually takes from several
hours to 2 business days.  If the card is not valid, the information is not
valid, or there isn't enough credit, an appropriate rejection notice is
returned and no money is transferred.

That covers what is actually needed to make a charge.  There is still one
thing left, however.  We need to get the credit card information.  There are
five possible ways to do this, 3 of which are an option to us.
1. Actually swipe the card itself.  This is not possible to us, because we
   won't have the card in our possession.
2. Obtain the card information via some insecure method, such as unencrypted
   email, an unsecure web server, a posting somewhere on Grex, or some
   other way where the number can be stolen.  This is not an option, because
   it would allow credit card fraud, which we have to agree to not allow.
3. Secure Email.  This involves picking some email encryption scheme, such as
   PGP or a VeriSign certificate, setting it up, getting it verified enough so
   it's trusted, possibly paying for it, and teaching everyone who wants to
   use it how to use it.  It's possible for us, but quite difficult.
4. Phone.  We could require anyone who wants to make a charge to us to call us
   on the phone to give the information.  This is relatively secure, but is a
   hassle for us and expensive for them.
5. Secure Web Server: We could set up a secure web server, or pay someone else
   to host one.  This would allow us to accept credit cards from anyone with
   access to a secure-capable web browser, and is the best option for us, in
   my opinion.  Setting up a secure web server requires a separate computer,
   server software, and a certificate.  The separate computer is necessary
   because it needs to store sensitive information, which must be secure.
   This is a one time cost, and we could make one from spare parts we have.
   The server software isn't a problem, because Apache, the software we use
   now, is capable of secure serving.  The Certificate needs to be bought from
   some well-known company, such as VeriSign.  It both acts as a key for
   encryption of the session, and acts as reassurance to the consumer that we
   really are who we claim to be.  Currently, a VeriSign Certificate costs
   $350 per year.  If we pay someone else to host the server, we just pay them
   a monthly fee, and set up our pages on it.  They handle the rest, including
   the certificate.  Since they are buying certificates in bulk, they can get
   them cheaper, so it may actually be comparable in price, and involves much
   less hassle. 

Now we come to what Grex actually has to do to accept credit cards.  There are
4 things that need to be done: someone needs a merchant account, someone needs
a swiper or equivalent software, someone needs to process the charges, and
someone needs to host the web server.  Basically, we can do all of them
(except actually process the charges, but we'd pay for that ourselves.) This
is the most common way currently, and the closest to a traditional storefront.
This means that the most stable and reputable companies only allow this
method.  We can do none of them, by contracting with a company such as
Billpoint below.  They will have the merchant account, collect the
information, make the charges, and only notify us when it's all done.  They
charge us a percentage of the sale.  This has three major side-effects:
everyone involved in the transaction needs to have an account with Billpoint,
including Grex.  This is one more account and password to remember; The
payment is delayed by at least a month; and the actual charge receipt will say
Billpoint, not Grex.  I'm not sure how this interacts with charitable
deductions.  Or, we can do some of the four and hire out others.  Charge
Solutions is an example of this method.  We could get our merchant account
through them, have them host the site, and process transactions through them.
Since they host the site and process the charges, they have the processing
software there, and we don't need it.

Below are several sample companies, along with their payment schemes.  I tried
to get samples in the relevant categories, along with a traditional, good
reputation example.  When choosing a company, reputation is important.  During
the 2 months I was looking, several of the companies I looked at disappeared.


Billpoint --
  People pay them, they tell us, we ship product, they receive confirmation of
  product arrival, they pay us via direct-bank transaction. Payment is delayed
  by at least 30 days, possibly up to 45. http://www.billpoint.com

  Transaction Amount   Billpoint Transaction Fees       Billpoint Transaction Fees
                       for Visa and MasterCard          for American Express

  Over $7.00           3% of the transaction value +    4.5% of the transaction value +
                       $0.40 per each transaction       $0.40 per each transaction

  $2.01 - $7.00        5.5% of the transaction value +  7% of the transaction value +
                       $0.20 per each transaction       $0.20 per each transaction

  $0.00 - $2.00        15% of the transaction value     15% of the transaction value


Charge Solutions --
  We get a merchant account, but *no software or card reader* and give them
  our merchant account number.  They host the secure web site, and we link to
  it.  Charges are to our merchant account.  http://www.chargesolutions.com/
  Allows Visa, MC, Amex, Disc, Diner's Club.  Specifically allows membership
  sales.  Lots of impressive capability for the maintainer. 

      Plan 1 - On-Line Processing 25 

          NO Lease or Purchase 
          NO Percentage Fee 
          $ 99.00 One-time Set-up Fee 
          $ 25.00 Monthly Service Fee 
          $.25 Transaction Fee

      Plan 2 -On-Line Processing 50 

          NO Lease or Purchase 
          NO Percentage Fee 
          $ 99.00 One-time Set-up Fee 
          NO Monthly Service Fee 
          $.50 Transaction Fee 

      Plan 3 - Merchant Account and On-Line Processing 25 

          NO Lease or Purchase 
          NO Percentage Fee 
          Bank Fees: 
                 $175.00 One-time Set-up Fee 
                 2.50% Discount Fee 
                 $.35 Transaction Fee 
          On-Line Processing Fees: 
                 $ 25.00 Monthly Service Fee 
                 $.25 Transaction Fee 

      Plan 4 - Merchant Account and On-Line Processing 50 

          NO Lease or Purchase 
          NO Percentage Fee 
          Bank Fees: 
                 $175.00 One-time Set-up Fee 
                 2.50% Discount Fee 
                 $.35 Transaction Fee 
          On-Line Processing Fees: 
                 NO Monthly Service Fee 
                 $.50 Transaction Fee 
      

Total Merchant Account Services
  We get a merchant account (possibly through them), and lease the software to
  run our website.  Lease price is $39.95/mo, for 48 mos. Monthly statement
  fee of $20.  Per transaction fee of 2.95% + $0.30.
  http://www.all-approved.com/rates.html


Yahoo! Store
  Up to 50 items for sale $100/month, up to 1000 items $300/month.  Can view
  orders on the web, can retrieve as database files in several formats, can
  have orders forwarded by fax, or can have orders sent to our server in real
  time via OBI format (whatever that is.)  We can apply for a merchant account
  from Bank One via form on Yahoo.  There is a one time $250 setup fee if our
  application is accepted.  The account will allow us to accept MasterCard, 
  Visa, American Express and Diners Club.  Discovery is coming soon.  There is
  no minimum contract period, we can cancel at any time.
  http://store.yahoo.com

TeleCharge
  We get an account with them (not a merchant account) and send in our charges
  via telephone.  We'd need our own software etc.  Funds held for 5 business
  days and then electronically transferred into our checking account (either
  business or personal).  Can cancel at any time, and restart with $25 fee.
  No monthly minimum.  $300 application fee, 3.10% and $0.30 per transaction.
  No equipment costs.  Maximum transaction amount $500.00, maximum volume/week
  $1000.00.  http://www.cathost.com/telecharge/

Merchant Express
  Get a merchant account with them.  $75 application fee, refundable if not
  accepted.  Covers Visa, MC, American Express (optional).  Extra $25 fee if
  want Discover.  Use Authorize.net for charging.  Is $550 to buy or $35/mo
  for 24 mo. or $21/mo for 48 mo.  Monthly gateway fee of $10.  Per charge
  fees:
 
      Fee Item                          Standard Program    Special Risk Program

      Discount Rate Retail (Swiped)     1.59%               1.79%
      Discount Rate Internet            2.09%               2.49%
      Transaction Fee Retail (Swiped)   $.20                $.30
      Transaction Fee Internet          $.30                $.30
      Monthly Statement Fee             $10                 $15
      Monthly Minimum Fee               $20 *               $20 *
      Application Fee                   $75 Refundable      $75 Refundable

      * You will not incur a monthly minimum fee unless your sales are very low
      (under ~$700) for any given month.  Discount rate and transaction fee
      count toward this amount.
        
        http://www.merchantexpress.com


  I personally recommend Charge Solutions Plan 4.


  respectfully submitted,
  Daniel Gryniewicz
  Board Member, Cyberspace Communications Inc.
29 responses total.
mdw
response 1 of 29: Mark Unseen   May 7 04:46 UTC 1999

I hate to sound like an anti-technology bigot - but is there any good
reason why we should be doing credit card processing online?  Unless we
get thousands of members, I'm tempted to think that it might be a lot
simpler to think of some system where our treasurer does more work, but
gets more opportunity to be involved in the process and detect obvious
cases of fraud.
aruba
response 2 of 29: Mark Unseen   May 7 15:21 UTC 1999

Thanks, Dan for that great report.  I'm really glad you worked on this. 
When I tried to understand the problem last year I got frustrated and
discouraged after looking at just a few web sites. 

If we went with Charge Solutions Plan 4, we would still have to get a
merchant account with someone else, right?  Or am I misunderstanding? 

If someone else handles a web site for us, then we never see the credit
card number, correct?  That means we can't automatically charge a member
every month (or every year) if that's what s/he requests.  That might not
be so bad.  I'm not crazy about the idea of keeping a bunch of credit card
numbers around, even if they are on a secure machine.  But one of the
biggest arguments people used to give for accepting credit cards was that
it would make it easier for members to renew.  (I.e., they wouldn't not do
it just because they were too lazy to write a check.  All they'd have to
do was to request to be charged every month, or simply reply to the e-mail
saying their membership is up and ask to be renewed.  Personally, though,
I don't think we should count on getting a lot of money from people who
think it's too much trouble to write a check.  I suspect most of them will
find another excuse for not contributing when we start accepting credit
cards.  Getting money from overseas is another matter though.  Credit
cards will certainly make that a lot easier.)

To answer Marcus: I'm willing to accept credit card numbers through PGP
and then phone them in, if that will save us money.  But I don't know if
that would mean fewer (or more) people would be willing to pay us.
dang
response 3 of 29: Mark Unseen   May 7 20:39 UTC 1999

resp:2 No, if we use Charge Solutions Plan 4, then we get our merchant
account through them.  Plans 3 and 4 are plans 1 and 2 with merchant
accounts.  Hence the added percentage charge.
aruba
response 4 of 29: Mark Unseen   May 7 21:23 UTC 1999

Ah, OK.  I get it.
devnull
response 5 of 29: Mark Unseen   May 8 00:22 UTC 1999

My understanding is that you can enter the credit card number using the keypad
of at least some card swiping machines.

I don't believe it is actually necessary to get a VeriSign
certificate.  You only get to get it from them if you want certain
netscape warnings to go away.  Maybe someone else knows more about this
than me?  (I have certainly dealt with non-verisign certificates at MIT.)

dang
response 6 of 29: Mark Unseen   May 8 15:35 UTC 1999

No, it isn't necessary to get a certificate. However, if we're accepting credit cards, and don't have a certificate, someone could run a "man in the middle" attack and steal credit card numbers from our members. This would, IMHO, be really bad.
richard
response 7 of 29: Mark Unseen   May 10 21:50 UTC 1999

with credit cards, grex could set up automatic payment options, where
dues could be taken automatically out of one's checking account or 
credited to credit card every month.  most companies offer some form
of automatic payment options these days, which is often convenient for
those who are forgetful (and forgetting to renew an expired membership
can be quite easy I'm sure)
dang
response 8 of 29: Mark Unseen   May 10 23:37 UTC 1999

If we have someone's CC number, we can do that. Checking, however, we couldn't do unless they had a Checking Visa, or some such.
richard
response 9 of 29: Mark Unseen   May 11 21:43 UTC 1999

if the phone company can process automatic payments directly from
one's checking account, why can't grex?
pfv
response 10 of 29: Mark Unseen   May 11 21:58 UTC 1999

        geezus.. *sigh*

        Who owns the transmission systems?

        Who owns the technology?

        Who has the money to throw at it?



        If you answer "Grex" to any of these, you should be shot.
scott
response 11 of 29: Mark Unseen   May 11 22:07 UTC 1999

If we had the economy of scale that the phone company has... no problem.  But
with ~100 members it is a bit more difficult.
lilmo
response 12 of 29: Mark Unseen   May 12 02:05 UTC 1999

Actually, I don't think automatic debits would be that hard, or expensive (I
could be wrong, of course).  I think we would just need an ACH membership,
and a few simple forms.  Of course, I have no earthly idea how much it is to
get on with ACH...
devnull
response 13 of 29: Mark Unseen   May 22 04:20 UTC 1999

My understanding is that grex probably could do ACH.  And I'd probably be
happy to use it if grex supported it.  This does not, however, imply that
I expect the amount of effort saved from supporting ACH to make the treasurer's
life easier than just getting checks from me.
danr
response 14 of 29: Mark Unseen   May 22 17:13 UTC 1999

I can't say that I studied completely #0, but I'd be more in favor of something
like billpoint.  The transaction fees are higher, but there are no up-front
costs, so our exposure is less.  Also, administering this would be less work
for the treasurer.

After we get a feel for how well this works, we could then shift to a program
that was more advantageous financially to us.
rtg
response 15 of 29: Mark Unseen   May 23 00:52 UTC 1999

For some reason, I've been getting a lot of spam lately which advertises
low-cost ways to get into the internet commerce business, including accepting
credit cards.  I refuse to encourage them by responding to spam ads, but if
you're interested, I'll scan my spam files and pull together a list of
contacts..
scg
response 16 of 29: Mark Unseen   May 23 01:38 UTC 1999

Most of those spams tend to be fraudulent, as far as I can tell.
jshafer
response 17 of 29: Mark Unseen   May 29 22:21 UTC 1999

Agreed, don't do business with anyone who has to resort to spam to 
advertise.

Re: keeping track of members' card numbers, I don't know if it would be 
a good idea or if it would be necessary.  The cards expire often enough 
that it might be pointless...

I know I would trust Mark to keep my card # somewhere, but don't know 
if many would, or if I'd want to impose such a burden on him.
aruba
response 18 of 29: Mark Unseen   Jun 1 15:08 UTC 1999

My plan would be to keep all credit card numbers encrypted, with the password
known only to the treasurer.  Of course they would be on my machine, not on
Grex.
srw
response 19 of 29: Mark Unseen   Aug 1 04:18 UTC 1999

It's been two months since the last pasting here. Did this die?

I think we need to focus on an inexpensive way to get payments from 
abroad, and not try to use CCs as a way to rebill the member for each 
payment (although I suppose we could - it's not the main point). 

srw
response 20 of 29: Mark Unseen   Aug 1 04:19 UTC 1999

(err posting)
aruba
response 21 of 29: Mark Unseen   Aug 1 14:25 UTC 1999

Accepting credit cards is not dead, no.  At the May board meeting we voted to
allocate $200 to start an account.  dang has been working on this, and just
recently I got a packet from the credit card company we selected (Charge 
Solutions).  They need a credit card number from us in order to bill fees.
I've asked our bank for a debit card so we can do that.  I explained to the
woman what we wanted to do, so I *hope* she understood and is sending us a
card with a 16-digit number, not just an ATM card.  We'll see in about 2
weeks.
janc
response 22 of 29: Mark Unseen   Aug 19 20:32 UTC 1999

Progress report on this (I'm temporary treasurer right now).

The bank sent us a Cyberspace Communications VISA card.  There were
some problems in getting it activated, but today I was finally able
to get it activated, so we are OK on this.  We needed this because the
company that runs the secure server needs to use it to charge us various
fees.

So the application to Charge Solutions is mostly ready to send.  It
needs signatures from the company president.  Mark had suggested we do
that at the next board meeting.  There is also a blank named "Business
License #" (which is different from "Tax ID #").  Mark left it blank and
didn't say anything about it.  I don't know what it is or if we need it.
i
response 23 of 29: Mark Unseen   Aug 19 23:47 UTC 1999

I'd guess that the State sales tax license # or Corporate ID # is what
they're looking for.
janc
response 24 of 29: Mark Unseen   Aug 22 17:09 UTC 1999

"Tax ID #" is asked for in another blank (already filled in as
38-2998091, which is our Employer Identification Number - pretty much
the corporate equivalent of a SSN).  The State Sales Tax License Number
sounds plausible - only I don't know what ours is.