Deluxe assortment

How does the expansion of Internet-based sales alter the picture of payment processing?

It’s a money-colored thing Remember when you were a kid and you needed only the smallest box of crayons to fill in simple line drawings at school? And as you became more sophisticated, you began to use the bigger boxes that had crayons with exotic names like burnt umber and ultramarine, to get the exact tints you wanted? Well, the tools required to color in the details of e-commerce financial transactions have evolved rapidly from primary colors to a palette of every imaginable shade and tone, depicting new technical products, niche markets, business models, and services.

Handling individual payment transactions over the Internet offers new opportunities and challenges, even though e-commerce payment processing still largely functions on the basis of models and infrastructures that were firmly in place before the advent of the Web as a business medium. One of the major differences in e-commerce, according to Chris Long, vice president of strategic marketing for Lowell, MA-based OrderTrust, is a shift from batch processing to real-time processing because e-commerce requires more speed.

In the United States, at least, most online sales are still made using credit cards. When a customer makes a purchase, the e-tailer in question requests an authorization from the card-issuing bank or company, ships the goods to the customer, and transmits a sales draft for collection to the card-issuing institution, which then transmits funds for payment to the e-tailer’s merchant bank.

A small e-tailer might have a relationship with a local lending bank and use packaged software solutions to collect orders and transmit data, but when the annual volume of payment transactions reaches a certain point, most merchants opt to enter a relationship with someone – a payment processor – who can handle these transactions for them. Payment processors are the glue that holds the different pieces of this chain of transactions together. Merchants pay fees to processors, and processors pay fees to card-issuing banks or companies (in the case of such non-bank credit cards as American Express and Discover, which act as their own issuers and acquiring banks).

Holy Grail Payment processors come in a riot of colors. They include networks, service bureaus, and payment processing units of major banks-for instance, Chase Merchant Services of Chase Manhattan Bank or First of Omaha’s Merchant Processing. The largest companies offer services far beyond traditional merchant processing. Dallas-based Paymentech, owned by Bank One, racked up three billion transactions in 1999, with a bank-card sales volume of $26.6 billion. Paymentech functions as a payment gateway for its clients, offering comprehensive services that include a point-of-sale network and transaction processing for bank cards, international processing, and a variety of value-added functions. OrderTrust routes and monitors client orders through its own network, following more of a service bureau model.

Electron Economy, headquartered in Cupertino, CA, specializes in e-commerce, with an Internet network based on open standards and an application service provider (ASP) model. Electron Economy functions as an aggregator of a variety of payment solutions, and offers several other services to clients besides. “What we’re really pursuing,” says John Jugl, business development, “is the Holy Grail of fulfillment.”

Redwood Shores, CA-based Escalate promises e-commerce clients significant savings through its outsourced network for marketing, fulfillment, and order processing services.

Integrating online order processing with back-end fulfillment systems has proven to be a particular headache for Web merchants and has led to a wealth of new services. Companies such as CyberCash, CyberSource, and VeriFone offer a variety of value-added payment processing services. But make your choices carefully: Although Internet companies may offer such cutting-edge technologies as XML-based processing, “people who think that XML is going to be a panacea have never had to clean data themselves,” says OrderTrust’s Chris Long.

Merchant beware Only two holiday seasons ago, fear of lack of security topped the list of factors dampening consumers’ enthusiasm for e-commerce. Online merchants now almost universally protect customers by hosting their Web sites on a secure server whose protocol – usually Secure Socket Layer, or SSL – can encrypt data transmitted from customers. Some companies, such as CyberCash, CyberSource, and eHNC, have developed their own electronic protocols and specialize in providing secure data and advanced fraud detection technologies. Visa and MasterCard, with a consortium of other companies, have worked to develop Secure Electronic Transaction (SET) as a license-free Internet-based transaction protocol.

But concern about online fraud has shifted from buyers to sellers. “When we think of fraud, we’re thinking of protecting the merchant,” says Rodney Bell, Paymentech’s senior director of corporate offices. By definition, direct response or online sales occur in a “non-face-to-face” environment, a term that refers to the fact that, as with catalog telephone sales, a customer does not have to be physically present at the selling channel to make a purchase. A recent GartnerGroup study claims that Web merchants are ten times more likely than traditional retailers to be victims of fraud perpetrated by customers, and that as a result, they pay a higher credit card discount rate than brick-and-mortar retailers do – 2.5%, as opposed to 1.5% for off-line merchants.

The card-not-present environment may be nothing new for catalogers, but it does present hurdles for traditional retailers, whose information processing systems assume face-to-face contact with customers. In a move to increase the scope of e-commerce fraud prevention services, Paymentech has recently entered an agreement to deploy a proprietary, customized service incorporating eHNC’s neural-network-based e-Falcon fraud detection system, according to Larry Bouchard, group manager of Paymentech’s NH-based Direct Response Group.

Credit due Some of the more innovative developments in payment processing are related to credit. Stuart Weiss, director of CRM call centers for Compaq’s Worldwide E-Commerce division, characterizes even online credit departments as “stodgy.” But e-commerce requirements have led to products that smooth transactions for merchants and consumers alike.

Companies such as and are now using ASP-hosted solutions that allow merchants to route customer credit applications to the members of a lender network most likely to approve a given application. The lender pays a finder’s fee – typically 0.5% to 2.0% of the value of the transaction – to the merchant who supplies the customer.

Other credit possibilities exist among Web sites not linked to any particular merchant store. For example, a consumer can now shop for a loan from, or turn to companies like E-credit and Experian that offer Web-based credit application services in a process that can take as little as four minutes.

The popularity of online auction sites has led to the development of alternative payment solutions (generically termed ACH, or automated clearing house transactions) that make traditional banking products available as electronic fund transfers from checking or savings accounts. Consumers can access these services through the Web or a call center, allowing the merchant in question to avoid credit card processing fees. Web auction site eBay, for instance, features electronic check processing through Billpoint, the result of a strategic alliance between eBay and Wells Fargo Bank. PayPal, a unit of, calls itself “the world’s first e-mail payment network,” and handles almost 40% of eBay auction transactions. Companies such as CrossCheck, Equifax, Telecheck, and CyberSource also process checks by phone or online.

Over there For U.S. merchants and financial service providers, the future may lie abroad. Says Ordertrust’s Chris Long: “Growth is sustainable only through international e-commerce.” The challenges of international payment processing include operating under foreign banking laws, providing technical support for the complexities of local currency conversion, and widespread cultural preferences for forms of payment other than credit cards. But the market is there. “The Web has opened an uncontrolled customer base,” points out Renee Frappier of Pacific Network Services, Ltd., headquartered in Vancouver.

Analysts at Jupiter Communications forecast explosive growth in Latin America in particular – to an $8.3 billion Internet commerce market by 2005. John Shirey, manager of product development for Paymentech’s E-Business Group, confirms that “Latin America is next on the expansion list” for Paymentech, which already boasts a significant international presence.

No one denies the difficulties of foreign financial operations. London-based International Payment Services (IPS, which is a partner of Group), for instance, offers client e-tailers venturing abroad a packaged service that handles the technical, legal, logistical, and linguistic aspects of e-commerce in the country of operation. Customers pay a percentage of each transaction involved. “The trick is to create a well-established network, to have it run by specialist teams, and to make it simple.” says CEO Terry Jones.

International payment processing is really “a matter of developing relationships,” according to Renee Frappier. Most frequently, a payment processor establishes relationships abroad and charges clients a fee to use its connections. Pacific Network Services maintains merchant accounts in banks in various countries, so clients can set up accounts in the appropriate currency. To initiate international operations, some companies have to be validated, which may take a month or more. But under optimum circumstances, Frappier says, “I can set someone up and have them overseas in five days, if necessary.”

Just establishing accounts abroad can be difficult. Shirey reports that a vendor in Australia drove up to a meeting with a truckload of POS systems. “There was no full electronic interface available,” says Shirey, “and the banks involved just didn’t understand the need to set up a merchant account.”

The most complex issues of international e-commerce finance may be the oldest and most straightforward. IPS’s Jones warns that “communicating effectively is the most difficult” aspect of setting up an international direct-to-customer payment processing operation. “Common language makes little difference,” he says.

Acquiring bank: A bank that has a business relationship with a merchant and receives all credit card transactions from that merchant; sometimes called a merchant bank.

Automated clearing house (ACH): An electronic fund transfer from a checking or savings account through the Federal Reserve Bank.

Cardholder application: Also called a wallet; allows an online consumer to conduct secure payment card transactions over a network.

Card-not-present merchant account: An account that allows merchants to process credit cards without a face-to-face transaction with the purchaser, as in online transactions.

Merchant account: An account established with a payment processor for the settlement of credit card transactions. Any merchant who wants to take credit card orders must establish a merchant account. Internet merchants need to set up a “card-not-present” merchant account.

Merchant status: A business is considered a merchant once it has authorization from an acquiring bank, independent sales organization, or other financial institution to accept credit cards.

SET: Secure Electronic Transaction[TM] protocol, an open-network payment-card protocol using combinations of public-key and secret-key cryptography and developed for the secure transmission of payment information over the Internet and other electronic networks. The major advantage of SET over existing security systems is the addition of digital certificates that associate the cardholder and merchant with their financial institutions and the respective SET payment brands.

SSL: Secure socket layer (originally developed by Netscape Communications Corp.), an encryption protocol residing on a server that scrambles important data such as credit card numbers and order information while the data is being transferred from one computer to another.

Sources: SET Secure Electronic Transaction LLC; GTE Business Hosting