Accepting online payments is one of the best ways to increase sales, please your customers, and grow your small business.
However, offering online payment is not without its challenges.
To get the convenience that comes with online payments, you first must overcome the difficulties of cross-border transactions, chargebacks, data security, and payment fraud.
Fortunately, there are simple solutions to these challenges, from the technology you can buy to strategies you can implement.
In this article, we’ll teach you how to get past these hurdles so you can securely and efficiently process online payments.
Cross-Border Transactions
The first challenge concerns cross-border online payments.
These can be inefficient because different parties involved in processing online payments tend to use different technologies and software, which can complicate data transfer and, in turn, slow down the speed of payment.
Not to mention, with more intermediaries involved in payment processing, the costs to the merchant go up.
For example, in the correspondent banking model (a popular way to handle cross-border payments), there might be as many as 4 banks charging a transaction fee:
Source: Fed Payments Improvement
This inadequate bank infrastructure makes it so business owners have to pay higher fees, as well as take on greater security risks to customer card data.
Solution: Online Payment Gateways
You can use international payment gateways, such as PayPal, to overcome many of the challenges that cross-border transactions present.
Paypal allows cross-border payments across 19k+ trade routes, and these payments account for 22% of their total payment volume.
Source: 3BL Media
Software tools like PayPal offer features like global accessibility and high responsivity, which make online payments between countries faster, cheaper, and more secure.
It’s also worth checking out local payment gateways that your customers abroad are familiar with.
For example, a business with a lot of customers in China might consider using AliPay, which is used widely in that country.
This allows you to offer customers the ability to pay with methods and interfaces they’re comfortable and familiar with.
This personalization is something they’ll surely remember when they discuss your service with their peers.
Chargebacks
Investopedia defines a chargeback as “a charge that is returned to a payment card after a customer successfully disputes an item on their account statement or transactions report.”
You want to avoid chargebacks for a couple of reasons. First, they’re costly to your business.
In general, you can expect to pay around $20-$50 per chargeback. Those costs can really add up.
Second, too many chargebacks can sound the alarm to a merchant account provider that you’re not following security best practices, and they’ll close your account, rendering online payment collection next to impossible, which can tremendously stifle your cash flow.
Chargebacks are commonplace in most businesses, and they have many causes.
Source: PSP Lab
But the reasons can be grouped into three categories: friendly fraud, merchant error, and true fraud.
Friendly fraud is when a customer just doesn’t recognize a purchase they made when looking over their statement.
Merchant error is when the merchant makes a mistake. Perhaps they double or triple charge the customer for a purchase.
Or they accidentally ship a customer the wrong product. It could also occur when a merchant doesn’t live up to the terms of purchase set out on their website.
Since online payment methods are card-not-present transactions, true fraud is a common cause of a chargeback.
This is when a customer whose card information has been stolen and used to buy one of your services files a dispute.
Solution: Eliminate Merchant Errors
The best way to handle the problem of chargebacks is to focus on eliminating the type of chargeback that you control: merchant error.
A low-hanging fruit on the tree of solutions to merchant error is having clear shipping and return policies, and sticking to them.
This way, customers won’t initiate chargebacks for things like delayed shipping. They’ll be aware of the policies your business has in place.
The same goes for writing clear product descriptions. A client who knows exactly what they’re getting is less inclined to ask for their money back.
They won’t receive something dramatically below their expectations that galvanizes them into filing a dispute.
Another way to reduce merchant error chargebacks is to improve customer service.
Often, a friendly and understanding staff member is enough to dissuade a frustrated customer from disputing a charge.
Some of the best practices you implement to reduce merchant error will also reduce friendly chargebacks — when customers get confused and report a purchase that they don’t recognize but did, in fact, make.
For example, by listing the correct and recognizable business name on your billing statements, the customer will instantly recognize your business as the one that serviced them.
These are just a few of the many ways to reduce chargebacks.
Card Data Security
If card data security isn’t taken seriously, small businesses offering online payments are vulnerable to security breaches and cyberattacks aimed at stealing credit and debit card information.
Unfortunately, small businesses usually suffer most from cybercrimes — 60% go out of business within six months of an attack, according to Cybersecurity Ventures.
They just don’t have the resources a big company does to recover from the theft.
Still, many small businesses don’t take data security seriously enough, and this neglect is one of the biggest mistakes you can make around online payments.
Here’s what Steve Strauss, a small business lawyer, heard from his computer guy in a conversation he shares in his USA Today article on cyberthreats to small businesses:
“I can’t believe how many small businesses don’t take cybercrime seriously! If they saw the businesses I have seen wiped out, they might start to take action. My business is booming because small businesses don’t know that they are target #1.”
Savvy hackers and cybercriminals can acquire valuable card information from merchants using various techniques:
| Phishing | Sending emails or text messages pretending to be a reputable company in order to influence the release of sensitive information such as a password or credit card number. |
| Malware | This refers to software used by cybercriminals to exploit any programmable network, service, or device and steal merchant data. |
| Ransomware | A type of malware that locks a user out of their files on their computer. Criminals then demand ransom payment for access. |
Letting your business become victim to one of these attacks damages not only your company but also your reputation with your customers, who may have had their sensitive payment information compromised.
According to research, these customers are more likely to blame the company than the cybercriminal for this tremendous inconvenience:
Source: Regpack
Other statistics surrounding data breaches are rather alarming:
- Nearly 76% of firms faced a phishing attack in the past year.
- In 2021, the US was the country with the highest average total cost of a data breach, at $9.05 million (IBM).
- The average total cost of a ransomware breach is $4.62 million, which is slightly higher than the average total cost of a data breach: $4.24 million (IBM).
In a world where data breaches are common, and the costs of successful breaches are incredibly high, hypervigilance in the form of preventative measures is essential.
This leads us to our solution to the data security challenge of online payments.
Solution: PCI DSS Compliance
The first step in protecting your small business from cybercrime associated with online payments is to start working towards a PCI DSS certificate.
That means implementing a set of data security standards that will allow you to securely process online payments.
All of the standards are aimed at improving card data security.
For example, one requirement is to use encryption so that a customer’s card data is turned immediately into unidentifiable symbols that can only be read by the merchant and financial institutions with the access key.
Even if a cybercriminal got the data, it would look like hieroglyphics to them.
Below are three of the 12 requirements for earning PCI DSS certification and how each one helps your business improve card data security:
| Install and maintain a firewall | Like a cell membrane protects a cell, a firewall protects your online card data environment by restricting incoming and outgoing network traffic based on the rules you set up. |
| Use updated anti-virus software | This type of software primarily helps protect you against malware that can infect your systems. |
| Have a policy that addresses data security | Ensure that your employees and vendors are kept informed on the best practices around data security. |
Once you earn the certificate, your business will be equipped to safely accept online cashless payments in various forms: credit card, debit card, ACH, etc.
To give customers a sense of comfort about their financial data, showcase the certificate on your checkout page, as is done below in the bottom left-hand corner of Yellowstone Forever’s website:
Source: Yellowstone Forever
Wary of cyberattacks, customers need reassurance that your business is doing all it can to protect their financial information.
Getting PCI DSS certification is the most effective way to do just that.
Payment Fraud
Online payments are card-not-present transactions, which opens them up to various types of payment fraud that can lead to chargebacks and other costs.
Since the merchant cannot see the card in the buyer’s hand, they cannot tell if the person placing the order is using their real card or card information they’ve obtained illegally.
This type of fraud is known as identity theft, and it’s been on the rise for some time now.
Unfortunately, in 2021 alone, there were 1,686,121 reports of identity theft, according to the FTC.
Source: The Ascent
And using someone else’s card information to make a purchase without their permission isn’t the only type of fraud being conducted.
Fraudsters might also engage in refund fraud, when someone exploits a retail business through their returns process, usually by returning a good they just purchased.
A common example of refund fraud is when someone lies and says they never received the product and then asks for a refund.
Here are some other types of fraud to watch out for:
Source: Seon
Unfortunately, it’s difficult for businesses using online payments to know which transactions need to be flagged as suspicious and manually reviewed. That’s where technology comes in.
Solution: Fraud Prevention Tools
Often, the best way to prevent online payment fraud is by using fraud prevention tools.
The main function of these tools is usually to run analyses to confirm a buyer’s identity and to find any indicators of potential payment fraud.
Common features include identity verification, automated risk analysis, rule-based risk scoring, and even data sharing, which shares transaction data with card networks and issuing banks to leverage these institutions’ advanced fraud prevention methods.
Below are some of the other main features of fraud prevention tools:
| Address Verification Services | AVS automatically checks to make sure that the address provided matches the card’s billing address |
| Order Validation Tools | These tools perform order validation using IP geolocation, BIN validation, reverse phone lookup, and address validation. |
| Fraud Scoring Tools | Either set up rules for when a purchase is flagged or use an advanced tool with machine learning to create the rules for you. |
| 3-D Secure 2.0 | This allows merchants to share transaction data with issuing banks and thus gain access to the bank’s fraud analysis tools. |
Some fraud prevention software might cover all of these, while others are point solutions.
Seon has a great article on the 12 best fraud prevention software on the market right now.
Check it out to learn which is best to protect your small business from online payment fraud.
Conclusion
Accepting online payments is essential for businesses these days for a variety of reasons.
Mostly, customers just love the convenience of paying on their phone or computer, and they’ll prefer working with businesses that make this possible.
Although there are some tricky challenges that come with accepting online payments, your small business can overcome them with just a bit of work and investment.
The issue of cross-border transactions can be solved with payment gateway software. Chargebacks can be dramatically reduced through the elimination of merchant error.
And the risks of card data security and payment fraud will decrease after you earn a PCI DSS certificate and invest in some effective fraud prevention tools.
Soon you’ll be automatically collecting tens of thousands of dollars in online payments each month, and you’ll be doing so in an efficient, cost-effective, and secure manner.
