If, like many New Zealand online retailers, you’re trying to get your head around the complexities of payment gateways, you need to read this guide!
This in-depth article will walk you through the key things you should look out for when trying to implement an online payment system in New Zealand, including details on the dreaded ‘internet merchant bank account’.
What is a payment gateway?
Payment gateways are an internet-based virtual system that help to facilitate e-commerce
transactions between a merchant and consumer. They process payments by verifying credit cards
and accepting, or declining, the payment on behalf of the seller.
In order to have a payment gateway service enabled on your website, you will need to sign up with a
gateway provider and open a special bank account, called an internet merchant account. This is
where your money will be transferred after it has been collected on your behalf. We’ll discuss these in
more detail later in the guide.
How do online payment gateways work?
When a customer places items in their shopping cart and selects the option of paying by credit card, a payment gateway service takes over the payment process on behalf of the merchant.
So, what happens next?
- The customer’s credit card details (entered after checking out) are encrypted by the buyer’s web browser using an SSL encryption. This data is then forwarded to the merchant’s site for further action.
- Purchase details, i.e. the total amount, are conveyed by the merchant’s website to the payment gateway for processing. Here too, the information goes through SSL encryption before being forwarded.
- This information is taken by the gateway and conveyed to the merchant’s bank account.
- The information is accepted by the seller’s bank and the transaction details are forwarded to the buyer’s bank for authorisation by the card issuing authority.
- Now, the buyer’s bank can either accept or reject the payment, which will be done based upon a number of factors. The card issuing authority will generate a response code based on whether the payment was accepted or rejected.
- This response code now returns to the payment gateway and is transmitted back to the merchant’s bank account. Here the information is interpreted as relevant or not, and is forwarded to the buyer and the seller.
- The transaction details are then sent to the merchant to inform them on whether the sale has been made or not. It provides both the buyer and the seller with a transaction ID for future reference.
- If the buyer’s bank approves the payment, the sale is clocked and the money is deposited into the seller’s bank account at a scheduled interval.
Additionally, the seller has to submit all the authorised payments in a batch to their bank at a predetermined interval. The bank then deposits the approved amount to the seller’s bank account. This entire process can take two to four days depending on the settlement schedule.
How is an online payment gateway different to a shopping cart?
Shopping carts and payment gateways, while often confused as the same thing, are in fact two separate components of the payment process. Shopping carts allow customers to select products and services on an e-commerce website and ready them for purchase. Payment gateways facilitate the process of payment.
Payment gateways offer versatile payment options to customers.
What are the benefits for merchants?
1. Tap into new customers
As e-commerce builds popularity, merchants will need to be able to offer a variety of payment options to ensure all customers can pay for their items. A payment gateway designed for the New Zealand market will enable your business to offer the variety required (and expected) by the modern consumer.
2. Streamline your cashflow
When conducting business over the internet, you can’t treat payments like you would physical cash at a brick and mortar store.
If you conduct business online but only accept payment retrospectively (i.e. you send out an invoice and the customer pays directly into your bank account), then your cashflow may well be inconsistent. Should enough customers delay (or avoid) their payment, your ability to grow your business be delayed in kind (although, internet banking solutions such as POLi or Account2Account can also help with this).
Similarly, if you run any kind of service which charges customers on a recurring basis, you will need to request their payment information every time. Again, the risk here is that payments are late or missed altogether. Again, this impacts your cashflow.
Businesses that can offer payments at point of purchase are better able to reconcile their accounts, as cashflow directly matches sales. This is better for running your business.
3. Reduced security concerns
NZ’s payment gateway providers spend a considerable amount of money on investing in security so you don’t have to.
But let’s say you decided not to use a gateway and instead opted to collect, store and process all of the credit data yourself. What would be the implications?
In short, your business would be held accountable for the security of that data. Should your servers crash, or your website suffers a security breach and that data was made vulnerable to theft (or lost), you would have a legal nightmare on your hands.
Gateway providers take care of all of this, as it’s part of their service.
What are the benefits for customers?
Online payment gateways provide a convenient, quick, and secure way for customers to make a payment through their choice of medium, such as a credit card.
All gateways must comply with the Payment Card Industry Data Security Standard (PCI DSS), which offers a minimum level of fraud security and protection for customers and, by extension, merchants.
Customers also tend to feel more assured in providing credit card details to a trusted third party, rather than to a web owner themselves.
What do payment gateways charge?
Like most services, payment gateways charge a fee. However specific payment structures differ between providers, which can be quite confusing for people starting out.
Payment gateway fees may include any or all of the following:
Fees are often charged on a per-transaction basis as a percentage of the transaction amount, varying between 1-6%.
In addition, payment gateways also sometimes charge a flat rate fee per transaction to cover the merchant sales fee (MSF) levied by the credit card schemes. The credit card company, merchant account service and payment gateway share this commission.
Fees vary from company to company.
Most payment gateways charge a monthly fee as well. In some cases, this is actually a tiered system with the fee increasing by the number of transactions and services used.
Monthly fees typically include the administrative charges for your account, plus fees for services such as fraud detection, auto billing and customer support.
This is the initial sign-up fee that you may be charged for initiating a merchant account. It’s usually a one-time charge, and varies from one service to another. To give you an example, Flo2Cash, included in our list of payment gateways in NZ below, charges about $150 for setup.
Depending on your service, you may be charged other fees as well. These could include chargeback fees, security and support, fees for recurring billing, and currency conversion charges for international payments.
Any kind of online payment bears with it a degree of risk.
How risky is using a payment gateway in NZ?
Like any financial service, there are some risks involved in using a payment gateway. The biggest two here are credit card fraud and prepayment risk.
Credit card fraud
Credit and debit card fraud occurs when someone’s card details are stolen and then used to make purchases online by a person other than the cardholder.
How do people’s credit card details get stolen? Card details can be stolen while a customer is physically making a point of sale swipe, via email or phone scams, or through phishing attacks. Once the thief, scammer or hacker has a card’s details, they are able to make purchases online.
It should be noted here that all reputable payment gateways have procedures in place to prevent such fraud.
A prepayment policy is where the purchaser has to pay for goods or services in advance of receiving them, e.g. paying a subscription service in a lump sum at the start of the year instead of paying each month.
In this scenario the customer pays the merchant in advance, with the belief that the goods have been purchased, will be delivered on time, will be of the expected quality, and will arrive in good condition. If for some reason the goods are not as specified, or cease to be available (e.g. the website being paid closes down), the customer is at risk of losing their money.
Most payment gateways have stringent policies regarding prepayment. These ensure that the customer does not lose their money, and that it can be returned to them if there is a dispute.
A comparison of NZ’s top payment gateways
New Zealand is a nation of online shoppers, with half of all Kiwis now shopping online (NZ Post). In order to capitalise on this growing e-commerce market, you’re going to need to be able to provide options for online payments – and that means investing in a payment gateway.
So which are the providers to investigate here in NZ? The top five available include:
Flo2Cash, Paystation and Windcave are all local companies, while Bambora and Stripe are headquartered overseas.
To help you understand at a glance the difference in offerings and price between each payment gateway, we’ve written up a handy guide. Check it out at “Top 5 New Zealand Payment Gateways”.
Key Features to look for in a Payment Gateway
There’s no one-service-fits-all when it comes to payment gateways. As every business is unique, so too are payment gateways and the options available to merchants.
First, you have to ask yourself a question:
What is your business situation?
From a business perspective, there are a few things you should strive to be clear on before you embark on your selection process.
- Will your business trade entirely online or will there be a mix of online and physical payments? What are the proportions?
- How rapidly do you expect to grow?
- How many transactions will take place each month?
- Will your customers likely want to use a mobile device or just a computer?
- Do you envisage charging deposits or recurring payments (or both)?
With your answers in mind, you can now begin to directly compare features of NZ’s payment gateway providers to determine which fit your needs now, and which may fit your needs in the future.
Core payment gateway features to look out for include:
1. Currency support
In an increasingly digital world, the opportunity to sell to customers in other countries (such as Australia) can arise very quickly. It’s not uncommon to begin trading over the ditch within a business’ first 12 months!
If you intend to offer goods and services to overseas customers, you must ask your payment gateway a couple of key questions:
- Which currencies will the payment gateway accept from the buyer?
- Which currencies will the gateway pay out in to the seller?
Your payment gateway might only function in certain countries, such as NZ or the USA, but may be capable of processing credit card payments from whatever country the credit card holder resides in. Similarly, the gateway may process the sale in the seller’s currency or provide currency conversion at the point of sale, enabling international shoppers to see the price of goods in their domestic currency.
- HINT: Before you do anything else, check that the gateway will operate in your home country. This sounds obvious, but it’s easier to miss than you might think.
2. Hosted checkout
Most gateways offer a hosted checkout option. When customers are ready to pay, they are redirected to a ‘hosted’ payment page, which enables them to complete the transaction. They are then redirected back to the seller’s website.
Pros of a hosted payment gateway
- Easy to implement with very little technical knowledge required.
- Usually a more cost effective solution for startups and small businesses.
- You can typically style elements of the hosted pages to make them look and feel more like your brand.
Cons of a hosted payment gateway
- Redirecting customers to a separate set of pages can often make them feel uneasy, given that their money is involved.
- There is the potential to have a greater number of abandoned payments as a result of being redirected.
- Even with branding, the environment rarely reflects your website’s design to the fullest.
3. Integrated checkout
An integrated checkout means that the checkout and payment all take place within a single environment – your website.
Pros of an integrated payment gateway
- They tend to look more professional.
- They feel more secure and trustworthy.
- As they can be tailored, they often work better with other add-ons you have in your store (and thus can increase conversion rates).
Cons of an integrated payment gateway
- They require more technical expertise to implement than hosted alternatives.
- They are typically more expensive.
4. Mobile and point of sale (POS) support
If you run a business that accepts payments via an electronic POS terminal as well as online, you need to ensure your gateway supports and integrates with both. It is ideal to have all your payments processed in one place. There really is no benefit to having to manage two different systems with their own fees and policies.
For those of you who use mobile devices for receiving payments, consider a payment gateway solution that integrates with your mobile operating system (i.e. Android or iOS).
5. How it processes refunds
Sometimes you will need to offer customer refunds. To ensure this process is as smooth as possible, you should explore how they are managed by each gateway you’re considering.
Some gateways actually offer a refund module that is integrated with your merchant account, so you can seamlessly update all systems with the new payment information. However, this is quite sophisticated and many gateways don’t offer this level of integration.
6. Rebilling and monthly billing (i.e. membership fees)
If you need to offer your customers the option of paying in installments, or any kind of recurring billing, you will need a gateway that offers this functionality.
7. Security and reputation
The security and reputation of the payment gateway you ultimately choose can and will have a huge impact on your business’ reputation. Therefore a key selling point of using any gateway must be the security it offers your customers.
Do your homework: Ensure the gateway is secure and conforms to the PCI DSS – at a minimum!
Also, look into how this service stores and uses customer data. Does it retain data? If so, why and for how long does it retain it?
- HINT: Seek impartial reviews of the services online and see what other merchants are saying on social media about their experiences.
8. Pay-out policy
Payment gateways act as an intermediary between the customer’s credit card scheme account and the merchant’s internet account. The time it takes a payment to land in your bank account following a completed transaction can vary greatly from one gateway provider to the next.
All gateways pay out monies in batches that are processed periodically – daily, weekly or monthly. Depending on your business model and cashflow, you may want to look for a gateway that makes more regular payments – unless you have sufficient operating funds, in which case you have more freedom to explore options.
The level of support you can expect from your gateway provider is of critical importance. Be aware that service levels are typically tiered; if you want a greater level of service, you have to pay more for it.
Figure out if the extra support is worth it for the extra cost to your business. Research your options and see what each provider’s existing customers have to say about their service.
13 key questions to ask when choosing a payment gateway
1. Will I need an internet merchant account?
This is possibly the most important question you can ask. Do not skip this step! While most mid-large online businesses will likely prefer to use their own internet merchant account, smaller businesses could find this a daunting prospect.
2. What currencies do you support in addition to NZD?
It is critical that the gateway operates in New Zealand and accepts NZD. However, you must also plan for future growth as we discussed earlier.
3. Do you offer integrated checkout?
Should your business desire a seamless customer experience with no website redirects, you need a gateway that offers integrated checkouts. Different providers will offer different levels of integration.
4. How are refunds handled?
It is inevitable that you will have to process refunds from time to time. Therefore, you will want to be confident knowing that your chosen gateway can handle such requests in a timely and stress-free manner (for both you and the customer).
5. How secure is your service?
As we discussed earlier, your gateway should comply with the PCI DSS at an absolute minimum. Your reputation – and your customers’ information – is on the line.
Note that payment gateways may also offer additional levels of security for a tiered fee, which you will have to compare across payment providers.
6. What is your payout policy?
If your business has cashflow problems, you would be wise to look for a payment gateway service that offers regular, small payouts over infrequent, larger ones. Payout policies will vary greatly between providers.
7. What rebilling services do you offer?
Rebilling is a useful service for any merchant that might have a need to charge its customers multiple times without having to take their payment information each time. Crucially, this means that the payment gateway you choose must be able to store customer payment details so that they can be used in this manner.
8. How much does your service cost?
As you will have read when we compared NZ’s online payment gateway providers, gateways are neither free nor consistent with each other in their pricing. You will have to factor how much you are willing to pay per month and per transaction into the question of which gateway to ultimately choose.
If a payment gateway’s fees are not readily available, don’t hesitate to reach out to their customer service team. It is also worth noting that many providers offer customised package deals for larger customers, which may suit your organisation better if you can’t find a fee structure that works for you.
9. What are the terms of your contract?
It is critical that you fully understand how the gateway will use the sensitive data it processes on behalf of your business. You must also know how easy it is to cancel your service and what, if any, information you can take with you after you depart.
If you require an internet merchant account, there is even more paperwork!
10. Is it easy to set up the gateway?
This is a question perhaps more relevant to smaller businesses with lower levels of technical expertise.
Some gateways in NZ are incredibly easy to set up, whereas others can be more complicated. Always confirm which merchant accounts it will work with and consult the support documentation before making a decision. If in doubt, hire the services of a professional.
In addition, try to seek out clear instructions from all parties for how to connect your payment gateway to your website, merchant account and your business bank account.
Of course, whether you choose a hosted or integrated checkout will also change the level of complexity involved during the installation/integration stage.
- HINT: Try to find a way of running the gateway in a development environment and always read the support documentation before making a decision.
11. What will my customers see on their credit card bills?
This is an easily overlooked step, but it could affect your relationship with customers. Some gateways will show their company name on the statement, where others may allow you to personalise the details with your own business name.
Bottom line? Find out how the charge will appear on your customers’ bills and tell them before they purchase.
12. Who owns my data?
You are going to be processing large volumes of sensitive and important data – credit card details, payments, orders and refunds to name a few. Before you sign up for any gateway service, ensure that you know precisely who owns the data that has been collected.
13. How easy is it to cancel the service?
You should know how to go about cancelling your subscription to the gateway service if you had to. You might need to give a notice period, pay a buy-out fee, or be forced to complete your contracted term. When you are dealing with a subscription as fundamental to your business as income and customer payment data, it pays to know.
The application process for merchant accounts can be quite lengthy (and expensive) in New Zealand, and it will involve a credit check (often an issue for startups that don’t have 24 months of business accounts).
So, what is an Internet Merchant Bank Account?
Anybody who has begun the process of researching payment gateways will have heard the words ‘Internet Merchant Bank Account’. Some gateways seem to offer them as part of the package whereas others simply tell you that you need one before you can even start!
So, just what are these Merchant Accounts and why do some gateways offer them while others don’t? And why do I have to do a credit check to get one? Help!
What is a Merchant Account?
Internet Merchant Accounts are critical parts of a payment gateway. The downside is it’s hard to explain how they work, what type you need and how to get one.
A Merchant account is a special type of bank account that receives and holds funds that have been authorised by the payment gateway. It holds onto these funds for a defined period of time before transferring them to the business bank account in batches. That way, your business account is not receiving hundreds (or thousands) of individual deposits each day.
There are two types of Merchant Accounts.
A dedicated merchant account is one that belongs only to you. To get a dedicated Merchant Account, you will need to sign a legally binding aggreement with the issuing bank and you will usually have to go through an in-depth credit check. The payment processing companies take a risk every time they process a credit card transaction on your behalf as they bear the costs of credit issues and chargebacks.
So, it’s a complicated business and you will have to jump through a considerable number of hoops to satisfy all that you are not a risk to the underwriters.
Do you even need a dedicated merchant account?
That’s a good question and, as always, it comes down to the size of your business and volume of sales you are projecting. If you only expect to process 50 credit card transactions per month, it might not be worth the lengthy (and fairly costly) Merchant Account application process. (As well as the assortment of fees, legal contracts and terms of service.)
If you do project decent volumes of credit card transactions each month then a dedicated account could be a good bet. It would give you a lot more control over your money than an aggregator account (see below) in particular the speed at which you can access funds.
You will sometimes see a merchant account bundled in with a Payment Gateway’s payment processing services. An example of this in New Zealand would be DPS. This approach will typically charge transaction fees based on the volume of transactions processed each month on a sliding scale. See more on fees later in this chapter.
An aggregator account is the second type of merchant account. Think of these accounts as a shared resource for a range of companies utilising the service. Rather than your bank processing payments on your behalf (and taking on the risk), the aggregator does it instead. A well known example is PayPal.
Aggregator accounts are often very appealing to smaller companies and start ups as they are far easier and faster to set up than dedicated accounts.
You have far less control over your money with an aggregated service particularly with regards to how long pay-outs can take (often 5 working days plus). Also, the simplicity they offer typically comes at a cost although many of the aggregators also streamline their fees (PayPal operates at a flat per-transaction rate with no monthly fees).
If your online business only processes a few hundred transactions per month, you might want to consider this option. It is lightweight, easy to set up and get running and, while not necessarily cheaper, the fee structures are certainly simpler.
Internet Merchant Bank Account Fees
Like all services there is a fee for establishing and using Merchant accounts. The fees will vary from one bank/provider to another but watch out for these fees in particular.
Most providers charge an annual maintenance fee from merchants. This can vary from one provider to another and can be anywhere from $79 – $400.
Some of the fees charged are monthly fees. The statement fee is one such fee and is charged every month. Another monthly fee is the Monthly minimum fee, which is the minimum amount a merchant, will be charged irrespective of the actual processing charges.
Early termination fees
Some providers may charge a fee if a merchant terminates an account before the end of the contract term.
Merchant Service Fees (MSF)
The MSF is the fee paid to the credit card scheme providers for using their credit facility. Sometimes this fee is rolled into general transaction or account maintenance fees but it is good to check.
There are a host of other fees that could be charged to a merchant including those for customer services, batch payments, chargebacks and transaction fees.
So, what is an internet merchant bank account?
As promised, here’s everything you need to know about having an internet merchant bank account in New Zealand!
Anybody who has begun the process of researching payment gateways will have seen this term used many times – including in today’s article. Some gateways seem to offer them as part of the package, whereas others simply tell you that you need one before you can even start.
So, just what are merchant accounts, and why do some gateways offer them while others don’t? And why do you need a credit check to get one? Let’s dig into it.
What is a merchant account?
Internet merchant accounts are critical parts of a payment gateway.
- Merchant accounts explained: A merchant account is a special type of bank account that receives funds that have been authorised by a payment gateway. It holds onto these funds for a defined period of time before transferring them to a business bank account in batches. This way, your business account is not receiving hundreds (or thousands) of individual deposits each day.
Merchant accounts vs. payment gateways
A payment gateway facilitates online transactions between a merchant and their customers, and processes such payments. A merchant account is a holding place for the buyer’s money, where it waits to be deposited into the seller’s business bank account.
There are two types of merchant account:
1. Dedicated account
A dedicated merchant account is one that belongs only to you. To get a dedicated merchant account, you will need to sign a legally binding agreement with the issuing bank, and undergo an in-depth credit check.
Payment processing companies take a risk every time they process a credit card transaction on your behalf as they bear the costs of credit issues and chargebacks.
So, it’s a complicated business and you will have to jump through a considerable number of hoops to satisfy everyone involved that you are not a risk to the underwriters.
Do I need a dedicated merchant account?
It comes down to the size of your business and the volume of sales you are projecting. If you only expect to process 50 credit card transactions a month, it might not be worth the process (as well as the fees).
However if you do project decent volumes of credit card transactions a month, a dedicated account could be a good bet. It would give you a lot more control over your money than an aggregator account (see below), in particular the speed at which you can access funds.
One more thing: You will sometimes see a merchant account bundled in with a payment gateway’s payment processing services. Those using this approach will typically charge transaction fees based on the volume of transactions processed each month on a sliding scale. Windcave’s fees are an example of this in New Zealand.
2. Aggregator account
Think of an aggregator account as a shared resource for a range of companies utilising the service. Rather than the bank processing payments on your behalf (and taking the risk), the aggregator does it instead. A well-known example of an aggregator is PayPal.
Aggregator accounts are often very appealing to smaller companies and startups as they are far easier and faster to set up than dedicated accounts. That said, you have far less control over your money, particularly with regards to how long pay-outs can take (often five working days, if not more).
Also, the simplicity aggregator accounts typically offer come at a cost – although many of the aggregators also streamline their fees (PayPal’s fees, for instance, are a flat per-transaction rate with no monthly charges).
Do I need an aggregator account?
If you only process a few hundred transactions a month, you might want to consider this option. It is lightweight, easy to set up and get running, and while not necessarily cheaper, the fee structures are certainly simpler.
As will most services, NZ merchant accounts come with fees attached.
What fees do internet merchant accounts charge in New Zealand?
Like all services, there is a fee for establishing and using a merchant account. The fees will vary from one bank/provider to another, but watch out for these in particular:
Most providers charge an annual maintenance fee. These range anywhere from $79-$400.
Some merchant account fees are monthly fees. The statement fee is one such example. Another would be the monthly minimum fee, which is the minimum amount a merchant will be charged irrespective of the actual processing charges.
Early termination fees
Some providers may charge a fee if a merchant terminates an account before the end of the contract term.
Merchant service fees (MSF)
MSFs are paid to the credit card scheme providers for using their credit facility. Sometimes this fee is rolled into general transaction or account maintenance fees, but it is worth checking.
There are a host of other fees that could be charged to a merchant via their merchant account. These include customer service, batch payments, chargebacks and transaction fees.
5 important questions to ask about merchant accounts and payment gateways
Knowledge is power, so it never hurt to have a few more questions up your sleeve for when it comes to getting into bed with an internet merchant bank account provider or payment gateway. So what questions should you ask?
- Does the gateway have a list of specific merchant account providers I have to choose from?
- Does my gateway require a merchant account to be set up independently or will it be bundled with the service?
- How long is the merchant account application process? Additionally, how complicated is it?
- What are the minimum requirements for a merchant account?
- How much will the account cost to set up, and what are the on-going fees?
PCI compliance: What is it?
We’ve used the term PCI DSS (often abbreviated to just PCI) a few times this article. So what is it?
PCI DSS is a set of regulations that all companies processing, storing or transmitting credit card data must adhere to in order to maintain a secure transacting environment. Regardless of the size of the business or the number of transactions processed, all merchants must be PCI compliant.
How do you get PCI compliant in NZ?
This depends on your size and setup. If your business is online and your gateway is processing all of the payments, the responsibility for compliance falls on the gateway provider. However, it is important to check with the gateway provider before working with them, particularly if you are using an integrated checkout rather than a hosted solution.
- HINT: Always ensure that your gateway is PCI compliant! Find out more at https://www.pcisecuritystandards.org/.
What happens if you aren’t PCI compliant?
Payment service providers may penalise banks for not following PCI standards. The fines here could range from $5,000 to $100,000 per month! The banks then transfer the fee down to the merchant who will have to bear the cost of the fine or suffer increased transaction fees to cover the losses. At the very least, you can expect to have your merchant account terminated.
All merchants have to adhere to the standards at all times. Check your merchant account contract to see what the extent of your exposure is in case of a breach of PCI compliance.
Setting up a payment gateway for your website can be complicated, but you can simplify the process with a little forward planning. By understanding your business’ requirements for its online payment system in the short, medium and long term, you stand a better chance of making the right decision and saving yourself unnecessary pain.
So, do you need any help with payment gateways? Anything we’ve missed? Drop us an email – we’d love to hear from you.
To your continued online success!
Jeff Skidmore @POLi