What is a payment gateway?

A payment gateway is the final step of the sales process on an ecommerce website. It’s the form in which a customer will input their credit card information in order to complete a purchase. Technically speaking, a payment gateway is a piece of software that is connected to a server somewhere. This software has to be extremely secure as it transmits payment information back to the server, which then communicates with banks to facilitate transactions.

How does it work?

The payment process usually occurs as follows:
 

1. A customer places an order by clicking ‘checkout’, ‘submit order’ or something along those lines.
2. They then proceed to the payment stage where they will have to input credit card information into a form. The payment form can either be embedded on the original website, or the customer will be redirected to an external form hosted by the payment gateway provider. This form will be protected by SSL (secure socket layer) encryption.
3. Wherever the form is hosted, the payment information (which includes credit card details, amount of transaction etc) will be sent to the payment gateway provider, again, encrypted with SSL.
4. The payment gateway then forwards the transaction information to whichever payment processor is used by the merchant’s bank.
5. The payment processor then forwards the transaction information to whichever bank issued the customer’s credit card.
6. The bank then responds to the payment processor with a transaction approval or rejection.
7. The payment processor forwards this result to the payment gateway, who in turn, forwards it to the website merchant and cardholder.
8. This process usually takes only 2-3 seconds and results in the ‘transaction approved’ message being displayed.
9. The merchant then fulfills the order and the banks handle the actual transfer of funds which can take 2-3 working days.

How to set up a payment gateway

Step 1: Before you can set up a payment gateway, you’ll need to set up a business merchant account with your bank. This is the account that all the payments will be transferred into. If you are already a retailer, you should such an account already.

Step 2: This step can be completed at the same time as Step 1. While you’re talking to your bank, ask them for a ‘merchant facility’. This will allow a payment gateway to connect directly to your bank account and deposit funds into your account from orders processed through your website. 
 
Step 3: Speak with your payment gateway provider to set up an account and link your bank accounts with their software. You may want to take this opportunity to ask any questions you might have about implementing their software into your website.

Step 4: Now that all the accounts are set up, you can integrate the payment gateway into your ecommerce website. Obviously this can take some technical knowledge, so should be done by an experienced developer to ensure everything is secure and will work properly.
 

Are payment gateways secure?

Major credit card companies (Visa, Mastercard, Amex etc) have set certain requirements for organisations that handle their payments. These requirements are known as the ‘Payment Card Industry Data Security Standard, or PCI DSS.

There are 12 requirements in total:

1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security parameters.
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
5. Use and regularly update anti-virus software on all systems commonly affected by malware.
6. Develop and maintain secure systems and applications.
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
12. Maintain a policy that addresses information security.

Most major payment gateways on popular websites are kept safe and secure. Websites hosting their own payment gateways however, may not have to comply with all the requirements. Laws will vary by country as well. United States federal law does not require organisations to comply with PCI DSS, for example. If you are processing your own payments, the security of the transaction is your responsibility and you may be liable for any breaches. Think about what your customers want/need when deciding how to set up payment processing for your website.

Many payment gateways also provide tools to automatically screen orders for fraud and calculate tax in real time prior to the authorisation request being sent to the processor. They use various methods to achieve this such as geolocation, velocity pattern analysis, blacklist checks, delivery address verification, etc.

Direct Payment Solutions (DPS)

DPS evolved from CSD, the software development company which produced and certified several leading processing solutions including the OCV Server (which was subsequently licensed to Ingenico), ANZ and St George banks in Australia, and PC Eftpos (the first integrated Windows POS / EFT-POS solution). In 2000 the PC EFTPOS technology was spun off in a multimillion-dollar deal to the ANZ bank and DPS replaced the legacy OCV Server with a next generation, zero hardware solution: Payment Express.

Payment Express is a leader in payment technology and offers a range of secure solutions to businesses with their PCI DSS compliant services. They are certified with Visa, MasterCard, American Express, JCB, Discover and Diners. Payment Express is one of the largest integrated EFTPOS and ecommerce switching providers in the Asia-Pacific region, and are certified in over 10 regions, with multiple banks.

Zeald has a long-standing relationship with Payment Express and is also a Payment Express Premium Partner, enabling us to provide our clients favourable rates, high levels of service, and plans tailored to suit a range of payment gateway needs.

If you need help setting up a payment gateway on your website, or have any other questions about ecommerce websites, please request an audit from our Google Certified experts.

There’s a lot to think about when it comes to deciding on who will define your brand online. It’s important therefore to make the right choice of website developer. You want to make sure they understand you, and more importantly your company, in order to convey your message as accurately as possible. Even if you have all your content ready, it’s not as simple as clicking upload and watching text and images come together to form a beautiful website. So what else is there to do? Why do so many businesses enlist the help of digital agencies to help them set up their online presence?

The decision is usually based on the following factors:

• Price
• Ease of use
• Scalability
• Ongoing support

For a website to be successful, it needs to be done right. That’s why businesses will often turn to the experts. With such an array of options available when it comes to website design, it can often be hard to make the right choice. So let’s take a look at each option, and hopefully, the answer will become clear.
 

DIY

There are numerous options available these days that enable you to have a crack at website development yourself. WordPress, Shopify, and even Zeald’s own product 'Tripledash' all exist to empower the average computer user with the tools needed to create a basic website. While this may seem like the cheapest option, you will still need to select a software package, purchase the software, learn how to use it, and spend the time creating the website yourself. The time and effort spent on this can quickly multiply and end up costing you a lot more than expected. When choosing a website developer, you also have to look at the cost over time, not just the upfront build.

This DIY method is often used as an initial attempt by small businesses or startups, simply due to cost. Unfortunately, the results are often lacklustre, and these businesses often end up enlisting the help of experts in the end regardless. The reason for this is that it takes a huge amount of time to learn not only how to use the software, but also to understand the techniques and methods used to make your website a success. Professional designers and web developers usually have a tertiary education and/or years of experience.

That’s not to say that this option won't work for you. Every business has their own specific requirements, and if you believe a DIY solution can fulfil these requirements then by all means, give it a go.

ACQUAINTANCES

So your aunty heard you’re looking for a website developer and “totally has a friend good at computers, has hundreds of YouTube subscribers and can like, fully build a website for you”. Avoid these situations at all costs! Unless you have seen evidence of what this person can build, and know that they are organised enough to see a project through to completion, then it just isn’t worth the hassle. 

Time and time again business owners are let down by acquaintances or ‘friends’ who “will get on that right away!”. They wait and wait, and rarely see a complete website of any kind, let alone a successful one. 
 

LONE WOLVES

A lone wolf web developer is any one person that offers a complete website build (and sometimes enlists their friends to help out). A lone wolf developer can have certain advantages, however quality can vary wildly. Who knows, you may come across a talented developer just starting out, eager to prove themselves, who puts a lot of effort into building you a quality website for an affordable price. Sadly, this is not commonplace.

A successful website requires a rare combination of artistic, technical, online sales and marketing skills. These skills are not often found in one person, and if they are, they will have been garnered from years of experience. Needless to say, these people probably aren’t working as solo developers; a large agency will be quick to snap them up. A one man band will have a weakness, and it’s not fun for any business to find out what that weakness is by becoming victim to it. 

WEBSITE DEVELOPMENT AGENCIES

A dedicated website development company specialises in the ideation, construction and development of successful websites. They have the combined knowledge and experience of multiple website professionals and the ability to tailor a solution for your specific requirements. Just like a rugby team has specialist players in different positions, a website development agency will have specialist experts in different areas like graphic design, website customisation, and copywriting. This team dynamic ensures the finished product has a certain standard of quality across the entire site. Of course, different agencies will have differing levels of quality, so business owners will definitely have to do their due diligence before deciding who to go with. 

The benefits of going to an agency with your website needs are similar to the benefits of doing business with any large company. Large companies are often large because they’ve produced good work and get a lot of business as a result. Experience plays a huge factor as well, as they may well have worked with similar businesses in the past and know exactly how to bring about online success in your industry. The fact of the matter is, you are most likely going to get the best results from a website developer that knows what they’re doing, and you won’t be able to enlist their help without a significant investment. 

One of the biggest advantages to enlisting the help of an agency, is the level of ongoing support. As your website evolves and develops (as any successful website should), things will break. Having someone there to help you in these situations is invaluable for any business. Look at testimonials on the website of your prospective web developer, or attempt to talk to existing clients to get an accurate idea of the level of ongoing support. This assistance isn’t just required when things go wrong either. If you need help making any sort of change to your website, a team of developers are going to be able to get this done much more efficiently than any other option.


The same advice applies no matter which path you might take. Make sure you do your research, and actually use the websites that your potential developer has built. Don’t just look at pictures of their designs. Create accounts, click all the links, maybe even purchase something from websites they’ve built. Read case studies to learn how these websites have helped businesses get results online. You’ll soon learn who makes the websites that would work for you and your business. Generally speaking in regards to website development, and many other similar industries, you get what you pay for.

At Zeald, we take pride in providing online solutions for businesses and budgets of any size. Discover how we can help your business by chatting to our Google certified experts, or requesting a free, no obligation audit of your current website.

ATTENTION ALL ADWORDS ADVERTISERS: Google search ad content is about to double! 

Just last week Google released Expanded Text Ads, the updated format of Standard Text Ads. This may sound like a generic update, but it could be the change that takes your brand to the next level.
 

What’s changing?

To give you a refresher, let’s review what Text Ads are. 

Text Ads are Google’s simplest ad format which appear at the top, bottom and at the right hand side of search results. With the update however, they will only appear at the top and bottom. These ads are composed of three main parts: the headline, display URL and description.  

Here’s what’s new:

Upgraded components	Standard Text Ads (STA)	Expanded Text Ads (ETA)	Benefit
Headlines	25 characters	2x 30 characters	More prominent headlines and room for creativity.
Display URL	35 characters	2 paths x 15 characters	Domains are now automatically extracted from your final URL. Two URL paths can now be customised.
Description lines	2x 35 characters per line	80 characters	A single, consolidated description line improves the overall ad design.

 
 You can see the visual differences here:



Google has implemented these changes for three main reasons:

• Improved user experience.
• Mobile focussed design.
• Consistency across platforms/devices.

Google will cease to approve ads in STA format, and fully implement the ETA format by October 26, 2016.