How do I avoid the risks associated with handling credit card data?
Manual credit card processing in ezimerchant provides significant flexibility, particularly the ability to review the order prior to capturing the payment. It does so though at the expense of security because the credit card data is required in order to process the payments. In the past merchants requiring the flexibility of manual credit card processing had no choice but to use good practices to protect and destroy the credit card data as soon as practical, yet this situation was far from ideal.
Introducing Deferred real-time processing
Deferred real-time processing is a revolutionary payment processing system which provides all of the flexibility of manual credit card processing with the convenience and security of real-time processing. To fully understand the differences, each of the payment processing methods is described below. Find out more
Manual credit card processing
- Your customer places an order on your site, securely providing their credit card details.
- The credit card details are encrypted and stored.
- You receive an order notification advising that a new order is ready to download.
- You download the order using ezimerchant, the credit card data is securely downloaded.
- The credit card details are available for processing through an EFTPoS terminal or virtual terminal.
The credit card data being available to you is what provides the flexibility of deciding how much to charge (based on stock availability, freight charges, etc) and when to charge it. If the order is fraudulent, you don't process it, hence no risk of charge-backs. The disadvantage though is the risk associated with handling the credit card data.
Traditional real-time processing
- Your customer places an order on your site, securely providing their credit card details.
- The credit card details together with the order total are passed on to your payment gateway for immediate approval and processing for the calculated order amount.
- You receive an order notification advising that a new order is ready to download.
- You download the order using ezimerchant, no credit card data is supplied.
When compared to manual credit card processing, real-time processing is very secure because you don't have the responsibility of securing the credit card data. The disadvantage though is that you have no control over if/when the payment is processed. The amount processed will be the calculated amount. If you need to vary the amount because you don't have an item in stock, or you need to add freight, you will need to contact the customer for the credit card details, which puts you at the same risk as manual credit card processing.
ezimerchant Deferred real-time processing
- Your customer places an order on your site, securely providing their credit card details.
- The credit card details are validated through Payment Express and stored as a billing ID.
- You receive an order notification advising that a new order is ready to download.
- You download the order using ezimerchant, no credit card data is provided.
- The ezimerchant user interface provides functionality to capture funds. You choose when and how much. Multiple transactions are supported. Refunds are supported.
This payment method provides all of the flexibility of manual credit card processing with all of the security of traditional real-time processing, all through the ezimerchant Professional user interface. Using ezimerchant Deferred real-time processing it is possible to:
- Track the outstanding balance of orders.
- Add order adjustments.
- The outstanding balance will be automatically updated.
- Add and track payments against an order.
- The outstanding balance will be automatically updated.
- Multiple payments against an order are supported, making it possible to take progress payments or a deposit for special orders.
- Issue refunds.
- Each previously processed payment can be refunded up to the amount.