• (800) 846-4472
Digital Technology

4 Best Practices for Accepting Payments Online

Ecommerce isn’t a fringe sales channel anymore. Online sales are expected to grow 57 percent by 2018, up to $414 billion.1 An ecommerce website allows your business to be open 24/7, and makes it easier to attract customers around the world. Retail, hospitality, and service are a few of the industries benefiting from the new revenue online sales offers.

Whether you are considering ecommerce for your business or are already accepting payments online, following best practices can reduce your risk, save money, and improve operational efficiency. In this article, we’ll take a look at four best practices to help ensure streamlined, secure, cost-effective online payments.

Best Practice #1: Presenting information*

Make sure your customers know who you are and what you offer.

  1. Clearly display your contact information on every page of your ecommerce site, on shipping materials, and on all correspondence. 
  2. Use your company name or brand as your billing descriptor, which identifies your business on the customer’s credit card statement. Make sure to use a name customers will recognize, and include a toll-free telephone number.
  3. Send an email confirmation immediately after an order or refund is processed. Always indicate that the card issuer may require a full billing cycle to apply a refund and that it may not immediately appear on an online statement.
  4. Post clear policies for billing, returns, shipping, back orders, and privacy. Be sure to include this information in the content of order confirmation emails or via a web page link.

Best Practice #2: Cardholder data*

Make sure you know who your customers are, and gather the information needed to verify their payment information.

  1. Request complete customer information including email address, evening and daytime phone numbers, and shipping and billing addresses.
  2. Request all payment card information including the name as it appears on the card, the account number, card type, expiration date, and CID digits on the back of the card to establish the customer’s physical possession of the card
  3. Consider adding protecting by using, “Verified by Visa®” or MasterCard®’s SecureCode.” Ask your processor if these enhanced anti-fraud programs are right for you.

Best Practice #3: Protecting cardholder data*

Following are best practices provided by the Payment Card Industry Data Security Standards Council™, which is responsible for the development, management, education, and awareness of the PCI Security Standards.  

  1. Make sure your business is PCI certified.
  2. Make sure your payment processor is PCI certified.
  3. Protect stored data by using encryption to protect cardholder information stored internally, or tokenization to eliminate storage of cardholder information.
  4. Encrypt data sent across public networks including email, FTP, data streams, and phone lines.
  5. Restrict access to data on a “need to know” basis.
  6. Make sure any business partners such as fulfillment houses, call center, and marketing affiliates who have access to your customers’ payment information are protecting your customer’s data.

Best Practice #4: Processing orders*

The following can help reduce the risk of chargebacks, and result in lower interchange fees.

  1. Conduct an Address Verification System (AVS) check and contact customers for order confirmation on AVS failures.
  2. To test card validity prior to deposit, use a “Zero Dollar Verification” (ZDF), also known as an “AVS-only” authorization. Avoid “$1.00 Authorizations”, as these may appear in online statements and confuse customers.
  3. Each deposit should reference one and only one valid authorization. Do not submit deposits without valid authorizations (“forced deposits”).
  4. Ship within seven days of the authorization or obtain a new authorization.
  5. Submit your deposits to your processor within two days of shipment.
  6. If supported by your processor, submit your authorization Transaction ID with all deposits and refunds. This prohibits forced deposits and can reduce fraud.
  7. Use voice authorizations as a last resort. These bypass processors’ systems and cannot be used to refute chargebacks.

For more information about best practices for accepting online payments, contact us.

1. Internet Retailer, https://www.internetretailer.com/2014/05/12/us-online-retail-sales-will-grow-57-2018, (May12,2014).

*The foregoing is provided for information purposes only, and is not legal advice. You should review your compliance obligations with your own legal or other advisers.

Verified by Visa, MasterCard, and Payment Card Industry Data Security Standards Council are registered marks belonging to one or more unaffiliated third parties that do not endorse or sponsor Vantiv Integrated Payments, LLC.

Related Content

At Your Fingertips

Download the EMV Handbook

The impending shift in liability for card-present fraud is driving a transition to EMV. Are you ready? This handbook can help you prepare.

Get ready for EMV. We can help.

Vantiv Integrated Payments is ready for EMV and has the technology and a network of providers that merchants need to enter the new era of payments.

Find a local POS Provider

This free service helps you find a POS provider who can help you identify and implement the best EMV solution for your business.

Thank you for your interest in
Vantiv Integrated Payments.
We just need a little info to get started.