Secure online payments: How to safely take payments through your website
Learn what to look for in a provider so you can start to take secure online payments for your business
Secure online payments can help your business make more money, improve the customer experience and adapt to changing customer preferences.
In the last 12 months, cash in store has all but vanished from UK businesses, with customers turning in record numbers to contactless card payments. But a significant number have also turned to online shopping.
About a third of all retail shopping in December 2020 was through online shopping, according to the Office for National Statistics.
And it wasn’t just a bump in online sales over Christmas, in February 2020 internet sales accounted for 19% of all retail sales and this increased steadily through the year, reaching 33% in May.
Whether it’s doing their weekly shop online, or shopping for clothes, customers have started to become more accustomed to eCommerce.
Even small corner shops, which had barely started taking card payments last year, are now accepting online payments and customer deliveries.
But if you’re going to start taking online payments in your business, you have to make sure you’re using a secure online payment process, and working with a partner who can keep you and your customers safe.
So, here are the main things to consider when it comes to taking secure online payment.
3D Secure
3-domain secure, also known as a payer authentication, is a security protocol that helps to prevent fraud in online credit and debit card transactions by adding an additional verification step with the card issuer when a customer uses their card online.
This additional security was initiated and created by Visa and MasterCard and it’s branded as ‘Verified by Visa’ and ‘MasterCard SecureCode’ respectively.
The payer authentication is a three-part process, so there are three parties involved in the process: the issuer (such as Visa or MasterCard), the acquirer, and the interoperability domain (such as payment system).
When a customer tries to make a payment online, they’ll be sent an authentication/ confirmation code to a designated device (usually a smartphone) which they’ll then enter online as a final authentication.
This process is already widely used by many card issuers and online retailers so most customers will be used to using it.
Using SSL to secure online payments
An SSL certificate is something you can get when you first set up your website.
Using SSL will encrypt card details (or any details) sent through your website and make sure it’s protected from criminals.
You can tell if your website has an SSL certificate, because the URL will display a locked padlock symbol next to it. A website without an SSL certificate will instead display a warning.
Not only does an SSL certificate secure your customers’ payment details, it also gives them reassurance that your website is safe, making them more likely to buy from you.
Would you put your card details into a website you weren’t 100% sure was secure?
Remaining PCI and GDPR compliant
The Payment Card Industry Data Security Standards are the guidelines for merchants on what they should do to protect sensitive data when taking payments online.
If you choose the right payment provider, they can handle PCI compliance for you.
Just be sure to check if they’re trying to charge you a compliance or non-compliance fee.
These can be very expensive, with some providers charging over £30 per month!
General Data Protection Regulations (GDPR) are also a security consideration if you’re taking any details from customers, as the fines for failing on GDPR compliance can be hefty.
Choosing a secure payment gateway
To take payments online, you need a payment gateway.
You need to consider some key things when it comes to choosing a secure payment gateway and provider.
First, is it PCI level 1 compliant as a minimum?
Does it have data encryption? How does it keep your sensitive data protected and how can it help you prevent fraud?
A payment gateway can help keep electronic transactions secure by:
- Adding encryption between the customer’s browser and your server so information passed between you will be safe
- Requests authorisation and approval from the customers card company or bank
- Fulfilling the payment
All of this happens in a few seconds to create a speedy, secure online payment platform.