Web E-Commerce
Ch. 11 Lecture Notes

Objective #1: Explain how credit cards are used in electronic commerce.

  • There are five ways to pay for online purchases: cash, checks, credit cards, debit cards, and electronic transfer. Credit cards are the most popular method being used in approximately 96% of American Internet purchases.
  • Specific technologies that are used to pay for online purchases are payment cards, electronic cash, software wallets, and smart cards (aka stored-value cards). In this WEB 200 course, we are only studying payment cards and PayPal (a version of electronic cash).
  • A merchant that accepts credit cards in an offline store can accept them in his website since he can "ring up" the charge offline similar to how we would ring up a phone transaction. This kind of transaction where the cardholder is not physically present is called a "card not present" transaction.
  • Payment cards include credit cards, debit cards, and charge cards.
    • The most popular credit cards are Visa and MasterCard. Interest charges apply to any charges that are not paid within a month and the cardholder has a spending limit on the card.
    • Debit cards are issued by many banks and are tied to the cardholder's bank account. Debit cards usually carry a Visa or MasterCard logo and can be used anywhere that a credit card can be used. Debit cards however automatically deduct the payment for a purchase right of the bank account.
    • American Express is the most popular charge card. No interest is applied to balances on a charge card but full payment must be made each month.
  • Single-use payment cards are offered by MBNA and Citigroup. They allow you to use the card once without fear of the card's number falling into the hands of a criminal. So far, single-use payment cards haven't been real popular but they may grow in popularity as more people learn about them and their benefits.
  • When a merchant accepts a payment card he should authenticate it on a payment card processing network in order authorize the purchase. When a customer swipes his card at a business, the card is authenticated over a private computer network. When a customer buys something online with a payment card, the website can be configured to automatically authenticate the card or the merchant can "ring up" the transaction on his credit card machine at the end of the business day.
  • However, a merchant must pay one or more fees in order to be able to accept payment cards. Payment card services companies charge a per-transaction fee as well as minimum monthly processing fees. This is why it is more profitable to the merchant, if a customer pays in cash rather than with a payment card.
  • In order to be able to accept payment cards, a merchant must set up a merchant account with a payment processing service.
  • A merchant must provide the payment processing service with information including the type of the business, the typical cost of the good(s) sold, etc. The merchant himself must undergo a credit history check. The merchant must provide the payment processing service the ability to deposit or withdrawal money out of an account that the merchant has at his bank.
  • Since the law says that merchants must ship merchandise within 30 days of the card being billed, many companies wait to ship the product(s) until they debit the payment card.
  • While American Express and Discover Card are closed loop systems where the card issuer pays the merchant's bank account directly. But most other payment cards used open loop systems. In an open loop system, technically the bank that issued the card is a member of a credit card association. So there is a third party (usually an intermediary bank) that processes the transaction.
  • When accepting payment cards online, you have to be especially watchful with your orders and transactions.

Objective #2: Understand the steps for credit card processing and the fees involved.

  • Follow this set of diagrams to understand the steps involved in an online credit card transaction.
  • There are many companies such as Payment Online, InternetSecure, PayFlow Link, and Authorize.net that offer online merchants payment processing services.
  • Many shared hosting provides such as LunarPages suggest specific payment processing services.
  • A payment processing service (aka merchant account provider), such as e-onlinedata, is often just a reseller for services that are provided by the payment gateway provider (e.g. authorize.net). Here is the list of resellers for Authorize.net.
  • The payment processing service provides you with customer support and set-up instructions while the gateway provider is the company that actually rings up the payments. Both companies charge you monthly for their services. Here's the latest offer from e-onlinedata for authorize.net gateway processing.
  • You need to follow the directions provided by the gateway provider in order to integrate your shopping cart with their service. This can be as simple as typing a specific form action="https://gateway.com/page.html" along with some hidden form fields or it can be as complicated as using a mixture of scripting (PHP, ASP, JSP, Perl) and XML in your web pages.
  • Some gateway providers officially endorse or certify certain shopping carts to work well with their processing methods. Here's Authorize.net's list of certified shopping carts. However, if you know enough scripting, XML, etc. you don't even need a shopping cart so having a "certified" shopping cart isn't necessary.
  • Payment Processing Service Fees
    • Here are the official fees of e-onlinedata, one payment processing service (though they regularly run specials). You must usually pay a monthly service fee ($10) and a monthly minimum ($25 or 2.29% of your Visa/MasterCard charges, whichever is greater). You must also pay about 30 cents per transaction.
  • Gateway Provider Fees
    • Here are the official fees of Authorize.net, one gateway provider, when using it through the reseller e-onlinedata. You must usually pay a monthly access fee ($15) and a 5 cents per transaction (though they offer the first 250 transactions free each month).
  • Hosting Fees
    • In order to process online payments, a gateway provider will usually require that the HTML form that sends the credit card and transaction money amount be coming from a secure server (i.e. one with SSL). You can sometimes use a shared SSL certificate and server or your can use your gateway providers secure "checkout" page, but this doesn't look as professional to customers since they will see another company's domain name in the URL web page address at some point during checkout. If you want to use a secure server with its own SSL certificate and dedicated IP address, you must pay extra hosting fees. At LunarPages, it is an additional $2.50/month for a dedicated IP address that is required in order to set up a SSL certicate annual fee of $99. You can shop around though for SSL certicates and may find them a little cheaper. You can always apply your SSL certificate to any hosting account. Sometimes, a domain registrar will offer SSL certificates as well.
  • In summary, you will be paying a minimum of $50/month for credit card processing on top of your hosting charges. You could be paying as much as another $5-10/month for secure hosting and a SSL certificate.

Objective #3: How to connect your shopping cart HTML with a gateway provider.

  • The easiest way to connect your shopping cart to a gateway provider is to use a shopping cart like OSCommerce that has the built-in ability to connect to leading gateway providers such as Authorize.net. You simply have to "turn on" the particular gateway provider and enter a password or transaction key provided by the gateway into your shopping cart's admin area.
  • Some gateway providers may allow you to send a customer from your website to one of their secure pages in order to enter their credit card data and make the payment. Then, the customer is transferred back to your website. This is particularly useful if you do not have the extra security of an SSL certificate and server.
  • But you can write your own HTML or scripting code to make the connection. Gateway providers will give you instructions and maybe even sample HTML and scripts to help you do this.
  • See the "AIM" and "SIM" implementation guides. as examples of documentation provided by a gateway to help write your HTML and PHP code. Here's the SIM example and here's the AIM example.
  • It is often necessary to compute real-time shipping rates within your shopping cart. You must first set up a web developer account with UPS or USPS though. Then you must read the technical documentation (called API's) to learn how to edit your HTML, PHP, and/or XML to integrate your site with the backend servers at UPS or USPS. If you are using an integrated shopping cart such as OSCommerce, it may be as easy as turning on or installing a "shipping module".

Objective #4: Explain how PayPal or Google Checkout is used in electronic commerce.

  • You can also use turn-key merchant store & credit card processing services from companies like PayPal, Google, Yahoo, eBay and Amazon. This keeps you from having to purchase a hosting account separately from an account with a traditional gateway such as Authorize.net.
  • PayPal
  • PayPal is a popular electronic cash payment system. It was only founded in 1999 and is now owned by eBay.
  • In order to use PayPal, the merchant must set up an account with PayPal. There are several solutions to choose from depending on your needs and technical abilities.
  • In order to use PayPal, a customer may pay for their goods with a PayPal payment or use a regular credit card without having to set up their own PayPal account.
  • However, PayPal charges businesses each a transaction fee per order. However, for consumers that bill each other, there is no transaction fee per order. This is a reason why PayPal is so popular at eBay.
  • Paypal provides documentation (and technical guide ) on how to connect your shopping cart or checkout web page with their processing. Or, you can set up your PayPal service so that your customer connects from one of your pages to one of their secure pages and then is returned back to your website. This is particularly useful if you do not have the extra security of SSL set up on your server.
  • Instead of paying an extra $50 or more per month in payment processing and gateway fees, PayPal only charges you $20/month or less and customers can still use credit cards to purchase your products. However, customers are forced to sign up for a PayPal account if they don't already have one.
  • Google Checkout
  • You can learn more about Google Checkout at http://checkout.google.com
  • You pay no monthly gateway fees and get free transaction processing if you also use Google AdWords. Otherwise it costs 2% of sales plus $0.20 per transaction.
  • eBay Stores
  • You can learn more about eBay Stores at http://stores.ebay.com
  • You can create your own store on eBay and pay about $50/month for the hosting plus associated auction fees (8% or more).
  • Yahoo Merchant Solutions
  • Yahoo charges modest 1.5% transaction fees and monthly hosting fees of $40.
  • You can learn more about Yahoo Merchant Solutions at http://smallbusiness.yahoo.com/ecommerce
  • Amazon WebStore
  • You can learn more about Amazon WebStore at http://webstore.amazon.com
  • Amazon charges about $60/month and a 7% commission.