I've spent some time researching the various approaches to accepting credit cards online. I haven't been impressed with the level of information I've found online about this topic. Few companies offering these services provide really good information online, and I also didn't find very much impartial information (reviews, tutorials, etc).
So, I thought I'd summarize what I found so far, in case it is of interest to anyone else. And, if you've had experience with anything I mention below, please contact me and let me know about it (weblog@karlnelson.net). Especially if I've said something incorrect!
First, here are the constraints I'm working under:
All of this is to say that your mileage may vary, and your circumstances may dictate different approaches than what I'm taking.
So, there are basically three approaches to accepting credit cards online.
The first, and more traditional approach, is to use a separate "merchant account" and "gateway processor". The user remains on your website throughout the entire transaction, and your server talks to the credit card servers to make the transaction. (I'm radically over-simplifying this. Authorize.net actually has a very nice diagram of the entire process.)
The two big processors seem to be Authorize.net and VeriSign . I wasn't able to find pricing for Authorize.net, but VeriSign's service costs $59.95/month (flat rate), with a $249.00 setup fee. A third one I ran across is NetBilling, which runs 1.5% + $0.15 for each purchase or a flat rate per transaction.
As for technology integration, Authorize.net looks fairly easy to interface with, especially given the Ruby Payment GEM. VeriSign's looks more challenging, possibly because they don't have much technical data on their website. Rather, they're assuming you're going to use one of the dozens of shopping cart applications that have integrated their system.
The merchant account is just a bank account set up to work with the processor. The processors seem to have banks they're set up to work with, and there seem to be hundreds of options.
The second method is the "all-in-one" approach. Like the first approach, the user stays on your website the entire time.
PayPal, in its Website Payments Pro service, is one provider of this method. One advantage is that it doesn't require a merchant account (the money goes into a PayPal account, and you would then transfer it to you bank account). As for fees, there is a $20/mo. charge, then 2.9% + $0.30 on each order. No setup fees. They have what looks to be a nice web service (SOAP) that shouldn't be hard to integrate into any system. I think PayPal has done a really nice job of providing lots of information, including a full user manual, in a clear and upfront way. Many of the other sites I've seen don't give you squat unless you give up your contact information.
But, there are a couple of little downsides to PayPal. First, you are required to allow users to pay via the PayPal website in addition to allowing them to enter their credit card info on your website (I'll talk more about this in the third section). And, they have some rules about when and where you can ask for certain information (like billing address). I don't think these are insurmountable, but they are issues. And, they do somewhat break the illusion that everything is happening at one site.
The third option is to use what I'll call a "pass-off" service. In other words, instead of keeping the customer on the your website throughout the entire process, when it comes time for them to enter payment information, they'll be directed to a third-party website. Once the payment info is entered, they'll land back at the your site. The advantage is that this is *very* easy to set up. No web service integration, no forms to build; just a little HTML that passes the user off to the third-party site. The disadvantage is that you lose some control over the user experience. It is really obvious that everything isn't happening in one place (although some services allow a level of customization so the third-party site could look like your site).
PayPal started out life as a provider offering this type of service, and, as I mentioned above, this option is still a part of their "Website Payment Pro" service. Going with the PayPal "standard" service would run 2.9% + $0.30 on each order, but without the monthly fee of the "pro" service.
Another service that looks similar is 2Checkout. They want $0.45 + 5.5% of each order, plus a $49 setup fee. I'm not sure what the advantage over PayPal is.
So, did I miss anything? Any suggestions? Experiences? Write me!
No, I'm not in Afghanistan. But my co-worker Michael is, and he's managed to find time to post a couple of great blog entries. Here is one about weekends, and another about a holiday. Check 'em out.
I was recently asked "what sort of RSS feeds do you read?" I follow about 250 sites (using Bloglines), so I thought I'd pick out a few high-quality favorites and highlight them. I'm going to skip the super-geeky sites, and focus on those that have a bit broader appeal. All of these are worth your attention, and I present these in no particular order.
Freakonomics Blog, written by the two authors of the bestselling book "Freakonomics." I enjoyed the book, and the blog has continued their interesting take on economics. Don't let the word "economics" scare you off. This is really about analyzing problems in a different way, and using data to get under the surface of problems.
Malcolm Gladwell is the well-known author of Blink and the Tipping Point, as well as a whole lot of really interesting New Yorker articles. He's a newcomer to blogging, but what he's written so far has been interesting.
Signal vs. Noise is written by 37signals, a web applications firm. I'm most interested in their development philosophies (captured under the title of "Getting Real"). While lots of their philosophy is specific to developing web applications, good portions of it can also be applied to non-web endeavors.
Guy Kawasaki is a former Apple evangelist, and current venture capitalist. He is also a newcomer to blogging, but has taken to it with a vengeance. He posts long, original, and very well-written content on a pretty regular basis.
O'Reilly Radar is written by the folks at O'Reilly, the computer book publisher (you've likely seen their distinctive books--with woodcuts of animals on the covers--in stores). O'Reilly's basic strategy is to keep track of what the "alpha geeks" are doing, and this blog focuses on what is new and notable in the tech world.
Joel on Software is written by Joel Spolsky, founder of Fog Creek Software. His posts are infrequent, but with a high signal to noise ratio.
Tim Bray is one of the authors of the XML specification, and currently works for Sun. His blog features well-written commentary on the technology world, with the occasional photo or bit about music thrown in for fun. His "On Search" series is a must-read for anyone interested in search.
Phil Windley is the former CIO for the state of Utah, and currently teaches at BYU. He has a nice ear for what is notable in the world of information management and technology.
Conn McQuinn is the Puget Sound ESD's Ed Tech guru (note: not his actual title). I think I can take some credit for getting him started in blogging, but he's taken to it quite nicely. It helps that Conn is a great writer, too. He mostly writes on technology issues as they relate to education, but does it in a way that is accessible and interesting to non-educators, too.
Presentation Zen, written by Garr Reynolds, is perfect for anyone who every needs to speak in front of people. Shoot, even people who have to listen to others speak in public will probably get some value out of this.
43 Folders focuses on "life hacks" – hints and tips to improve personal productivity and time management. Lots of great hints on keeping things together.
Tom Peters is the well-known management guru. His blog (which also features contributions from a number of other writers) provides a fascinating window into Peter's very active mind.
Scott Berkun is the author of a great project management book. He runs a couple of great mailing lists (project management and user interface design) that I lurk on. Berkun is also the author of a bunch of well-done articles.
Seth Godin is a marketer. Only, he's different from most marketers. He's got a very different view of marketing than most, and one that is broadly applicable.
Creating Passionate Users is about, well, creating passionate users. The authors, primarily Kathy Sierra, are coming from the world of software development (they're programming book authors, in fact), but, like Seth Godin, the ideas they post about can be used in many fields.
InfoMatters is the blog of Andrew Dillon, the dean of the iSchool at the University of Texas. He's only been blogging for a few months, and is a fairly recent addition to my aggregator. So far, he's written good stuff, and I have high hopes. I wonder how many other information school deans (or professors, for that matter) are blogging. I don't know of that many. None, that I know of, at my alma mater. Too bad, as it would be nice to have more voices on this topic from academia.