Gateway Of India

Have you received an e-mail with "Subject: Accepting Indian credit card payments on your web site" recently? If you have, then you probably just ignored it, saved it for future reference or maybe even deleted it without even opening it. 

Next time you get such an e-mail, don't ignore it. Even though the dot com fad has faded away, e-commerce in itself is not dead. It is here to stay and will slowly take its place in commercial transactions. It is a powerful tool worth watching out for and waiting for till it becomes more affordable.

To put it in a nutshell, the current pricing of these services is something like this. One-time fee of Rs 112,500, without any minimum monthly charge. A processing fee of five percent or Rs 25 whichever is less for every transaction. Which means the minimum transaction should be effectively Rs 500. 

This is a real quotation from a real company, but take these only as rough indicative figures, as every quotation is always subject to change without notice. There can also be some fine print. But if you are ready to shell out about Rs 150,000 for this experiment, go ahead and e-enable your web site. 

Changing the way you do business

Currently most customers who pay you by demand draft probably send it through a courier service. For such people, news of a payment gateway costing Rs 25 cost per transaction will come as good news. This will save them the cost and the trouble of issuing a DD, courier charges. You also save a substantial amount on the effective labor charges of processing the DD that you receive from your customer. 

In the new age payment gateway deployment, your delivery mechanism does not get affected at all. You still have to deliver the product to your customer in the same old way. When you think of any e-commerce application, don't forget that the real world delivery of a real world product will still have to be done the same old way. You can only improve the tracking mechanism via the Web. 

Credit card transactions

There are two types of services available to web site owners who want to provide the payment facility on their web sites: credit card transactions (CCT) and public key network transactions.

For CCT, the merchant web site is integrated to the payment workstations of the payment gateway provider. When a cardholder visits the merchant web site and selects various good and services, he is prompted to make the payment by credit card. 

The CCT can either capture the necessary customer information (name, credit card number, etc) from a merchant's own secure transaction page, or it can display a customizable transaction page hosted on the service provider's secure server, for the customer to fill out. The customer's information is encrypted using 40 or 128-bit secure socket layer (SSL) technology and sent to the transaction server. 

The server sends the data through the authorization network to the appropriate card issuer's bank, using a secure, proprietary connection. 

When the authorization process is complete -- this takes around five seconds -- the customer receives an approval or decline response and the transaction server stores the transaction. Transactions are automatically settled each day and are funded within two to three business days. 

You must also have the back end infrastructure for processing the orders received from the web site, so that the order fulfillment matches the speed at which a CCT takes place. 

Some payment gateway service providers can give you a virtual terminal to enter payment information manually if customers prefer to give their credit card information on the telephone, instead of submitting it on the site.

Address verification

To make the credit card usage more secure and prevent misuse, address verification (AVS) can be used. The responses generated can provide important information, which can be used to prevent misuse of the card. Some of the codes generated can be as follows:

• N - No match on address or postal code
• A - Address matches, postal code does not exist
• W - Postal code matches, Address does not work
• U - Address information is unavailable
• X - Exact AVS match
• E - AVS error 
• R - Retry, system unavailable or timed out 
• S - Service not supported by issuer 

If the delivery address does not match that of the cardholder, you can either reject the transaction or manually cross check with the cardholder for confirmation of the order before delivering the goods.

PKN Transactions

Another way of increasing security is to use the PKN transaction, which does not transmit the credit card number and other information directly on the Internet.

For PKN transactions, the cardholder enters PKN instead of the card number. The service provider using hardware security module processes this PKN, and the corresponding card number is generated. After this the transaction is processed in the same manner as a credit card transaction. The authorization response is returned to the cardholder and the merchant, and the settlement details are given to the acquiring Bank.

The payment gateway is not just html that you can copy into your web site to integrate it with the payment gateway. The gateway requires that the merchant web site be integrated into the gateway forms or API via CGI, ASP or other scripting languages. Some providers may help you in the integration while others may provide documentation to program into the gateway. 

All things simple and easy

To avail of a secure payment gateway solution on your web site, you will need to have a merchant account with an acquiring bank specified by the gateway provider. The gateway provider will provide you with payment client software. It will be the interface between your web site and the provider's server. 

An extensive browser-based merchant administration module can also be provided with password protected user level access to your account details. You will be able to generate reports that provide detailed information about all transactions. You will also be able to administer your account through this interface.

Looks simple enough? It need not be. When you get a quotation and an offer from a payment gateway provider, study the offer carefully, fine print and all. There may be hidden costs and additional integration costs. Your web site designer may not be competent enough to handle the integration and other processing. Evaluate the effective costs of all these possibilities to reach a budgetary cost estimate the payment gateway will soon be an affordable reality.

Ashok Dongre is an advertising and marketing professional, specializing in web site design.