By Laura S. Quinn, January, 2007
It can be hard to understand how online payment processing works. Many different steps and a lot of jargon make it seem more complicated than it is. To help you see the big picture, we’ve laid out a typical payment process in diagrams.
Here’s the whole diagram – but don’t worry, we’ll break it down.
The Visitor Front End
Let’s start by considering the pages that your visitors see. These pages allow your visitor to define what they are paying for, instigate the payment process, and then enter their credit card and other information.
First, your visitor needs to choose what they are paying for – for instance, a donation, product, or an event registration. For a donation, this might be as straightforward as a “Donate” button, but selling products or events often involve complex functionality to show visitors what is available and to let them select what they want (for instance, via a “shopping cart”). If you’re selling products, you’ll also need to be concerned about calculating shipping and taxes. The mechanics of products, events, and shopping carts could each fill up an article of their own - for now, let’s assume that your visitor has selected what they want, and they have a fixed price that they’d like to charge to their credit card.
With a price defined, they then fill in a payment form with their information – at a minimum their name, credit card information, and address.
When your visitor enters their information and clicks “Submit”, a number of backend processes are kicked off.
The Payment Gateway and Fraud Prevention
The first backend process is a check of the credit card to try to verify that the card and the charge are valid.
When your visitor clicks “Submit”, a processor called the Payment Gateway takes over. The Payment Gateway – the little man in red in our diagram – handles the actual backend communications and transactions, contacting the bank, reporting back on the results, and moving the money.
The Payment Gateway starts by checking to make sure that the credit card number is valid. To decrease the possibility of fraud, it may also check to make sure that the address, name, or credit card CSV code (the three digit code on the back of the card) match. Fraud is unfortunately common even if you’re just processing donations, so these checks are an important step in the process.
If the card is rejected, the Payment Gateway sends back word to your website so that you can notify the visitor. Otherwise, the process continues.
The money is routed by the Payment Gateway into a bank account called a Merchant Account.
When the charge is accepted as valid, the Payment Gateway initiates a process by which money is transferred from the credit card company to a type of specialized bank account called a Merchant Account. A Merchant Account does nothing but hold credit card payments, but you can’t accept credit cards without one. Even if you have one for accepting credit card payments by phone, you may need a different one for online payments.
You can open your own Merchant Account, or use a vendor’s. For instance, if you accept payments via PayPal, you are relying on PayPal’s Merchant Account.
Thanks, Receipt, and Reports
With the payment successful processed, the visitor is notified that their payment went through, and the transaction is viewable in reporting tools.
When the payment gateway reports back that the card has been charged, the visitor is shown a confirmation screen confirming that everything went through successfully. They are also typically emailed a receipt at this point. Usually, any reports are updated in real time, so that you’ll be able to see within seconds that a payment was made.
You’ll need to determine how to get the payment data from the payment processor into your own database.
The reporting tools that automatically show the payment information are likely to be different from the application you typically use to track constituent information. In order to synch the two sources, you should be able to at least manually export a text file from the payment processing application and load that into your database. If you have many transactions, it’s also worth looking into ways that you can automatically synch the two data sources with the help of a programmer.
Receiving the Money
Last but certainly not least, the money needs to be moved from the Merchant Account to your bank account.
The money in the Merchant Account isn’t accessible to you. If the Merchant Account is in your name, however, the money will automatically be deposited into your more traditional bank account within a couple of days. If the Merchant Account is in a vendor’s name, that vendor will need to pay you. Vendors typically pay once or twice monthly, either via check or by wire transfer.
Putting it All Together
Whew! Payment processing isn’t straightforward, but it doesn’t have to be baffling. None of the steps are particularly technical or complicated - you just need a sense of the big picture.