While you collect sensitive credit card information from your online customers, you must employ certain security measures
to protect your customers. Secure Sockets Layer (SSL) is a standard. It will encrypt the traffic from your server to your
customers' computer. You can easily buy a SSL certificate at GoDaddy, Thawte, Verisign and such. The most basic one costs
less than $30 a year.
To setup your SSL certificate, logon your hosting interface, select SSL certificate request. You will be asked to fill in a
number of items including your domain name, company name, location, contact information, etc. Your website will generate a
private key and certificate request for you. When you order your SSL certificate, you will need to copy and paste those as
part of the ordering process, your SSL certificate will be emailed to you. After that, once your put your SSL certificate in
the appropriate web directory (ask your hosting support for exact location), your website will be protected by SSL. Your payment
form URL might look something like https : // www. your domain name. com / your payment form . Note that there is an "s" after http.
To improve payment security, just SSL is not enough. Most solutions come with fraud control measures such as "Verified by Visa",
"MasterCard SecureCode", blacklists scrubbing, heuristic fraud detection software, and etc. However, you can also install you own
fraud control at your end. You can setup your own risk management team to investigate suspicious transactions, call up customers
in random to verify transaction data, and install additional fraud detection programs. There are many 3rd party security add-ons
in the market, e.g. scoring systems that can check customers' shopping pattern, voice verification, etc. If you notice a
significant number of suspicious activities from a certain city or country, you can also ban their whole IP address blocks.
To fight fraud, that is an ongoing battle, you can never have enough payment security.
Reporting & Payout & Rolling Reserve
Most solutions would not only provide weekly transaction reports, but also a real-time transaction online interface for you to
check balance, do refund, etc. For payout, most likely for whatever reasons such as need of cash flow, etc, you would want to get
your money as soon as possible. However, most acquirers think in a different way. If you say you want to receive your payout two
days in arrears, most acquirers will be worried that you might be running a scam. Generally, most acquirers do payouts two weeks
in arrears, and your local acquirers can do better. 10% rolling reserve for 6 months is a general practice; however, certain
solutions could lower rolling reserve to 5%.
We have been working in the e-commerce business since 1998. Our e-commerce projects range from merchant account setup,
payment gateway development to 3rd party billing company setup. Over the years, we have developed good relationships with a
number of acquiring banks, payment gateways, payment service providers and 3rd party billing solution providers. No matter
what you require, could that be a mainstream e-commerce merchant account, or hard to found high-risk account, we are here to help.
Before we can help you, please select your business category on the right-hand side, and fill up the pre-application online form.
We are based in Toronto, Ontario, Canada. If we have updates regarding your application, usually we will contact you during
the period 9am-9pm EST. Thank you for visiting paymentconsulting.biz.