When processing your customers’ payments, you should have two main priorities: ease of use and protection against security risks and fraud.
Key Takeaways You Will Get From This Article
1. When it comes to payment processing for your customers try to be flexible with your payment options, support online account creation, use a recognizable business name and purchase descritpion, and always provide customers with the easy-to-find contact information they can use to reach you.
2. When it comes to secure payment processing, always insert or tap EMV cards, update your POS system if you're using legacy hardware and software, provide your customers with receipts and confirm deliveries, enable mutli-factor authentication for online accounts, and always confirm partner compliance with the PCI DDS and other regulations.
The first relates to customer experience and retention. The second is crucial for minimizing financial and reputational risks that impact consumer trust. These risks can lead to significant legal, regulatory, and partnership penalties.
Electronic Merchant Systems (EMS) has helped merchants optimize their payment processing for over 30 years. We know every approach's ins and outs and which works best.
Below, we’ll walk through four best practices for ease of use and five for security assurance. Let's get started!
- Differences Between Card Present and Card-Not-Present
- Best Practices for Achieving Better Payment Processing Ease of Use
- Best Practices for Achieving More Secure and Compliant Payment Processing
- What’s Next?
Card Present vs. Card Not Present Differences
Before jumping into our list of best practices for processing payments, it’s important to note that there will be some differences between card-present and card-not-present situations.
As the names suggest, these differences depend on whether the physical card is present at the time of purchase.
There are also differences with payment methods that don't directly involve cards during the transaction. For example, "near-field communication" (NFC) technologies (e.g., Apple Pay, Google Pay).
Best Practices for Achieving Better Payment Processing Ease of Use
The first subset of best practices on our list relates to customer experience and how you can leverage payment processing to create a quicker, more seamless purchase.
Customers will appreciate you making payments as frictionless as possible, and that helps encourage their return.
1. Be Flexible with Payment Methods
Huge advancements in payment processing technology have emerged over the last few years. From paying with smartphones to EMV chips, customers now have more protection against fraud and theft than ever before.
But if you aren't processing payments with technology that can support these advancements, you're leaving potential sales revenue unclaimed.
The first time someone wants to pay with their smartphone and can't, they'll probably just take out their wallet. The second time, they'll go to another merchant.
2. Support Online Account Creation
If your business runs a digital storefront, customer account functionality should help buyers save their card information for reuse in the future (more on related security elements below).
Per the Baymard Institute, nearly 70% of carts end up abandoned on eCommerce sites.
The fewer barriers between customers and order placement, the better your conversion rates will be.
Accounts and stored cards eliminate the pesky step of customers entering all their card information into the specified fields with every checkout.
Also, customers making repeat purchases from their accounts with stored cards will give you extra confidence in their identity, the card's validity, and overall security and fraud prevention.
You can even add a “one-click checkout” functionality to speed up the process.
3. Use a Recognizable Business Name and Purchase Description
Whether your customers are large businesses or local residents, everyone wants the ability to understand their purchase history easily—both when paying and reviewing billing statements.
If customers don’t recognize your business’s name on their statement, they’re more likely to assume that a false purchase was made.
And when customers find discrepancies, they will start investigating or contacting their credit card company to initiate disputes or costly chargebacks.
This will affect your reputation with card companies—and bottom line—if it happens too often.
This confusion can be avoided by setting up a recognizable business name and purchase description.
4. Provide Easily Found Information for Customer Support, Disputes, and Other Issues
Similarly, you should always provide your customers with easy-to-find contact information they can use to reach you.
You can stop some disputes from escalating and getting providers’ attention if they’re easily fixable.
Importantly, listing this contact information where it can be found easily can also foster greater consumer trust. Potential locations include:
- Physical and electronic receipts
- Webpages, particularly your:
- Contact page
- Customer service pages
- About us pages
- Customer service counters near high-traffic areas
Providing customers with prompt and considerate customer service (and contact information) will help prevent them from escalating disputes and increase their trust and confidence in you.
Best Practices for Achieving More Secure and Compliant Payment Processing
Our second subset of best practices pertains to card and cardholder data security and fraud mitigation. Unlike the broader tips above, which are primarily long-term and management- or owner-focused, these best practices should be incorporated into new employee training.
Adherence to these policies will make significant losses, poor payment processing rates, and reputational damage much less likely.
1. Always Insert or Tap EMV Cards (“Chips”)
One of the most important practices you can adopt is ensuring that cards with EMV chips are either inserted into readers or tapped.
This is because of the “liability shift” that occurred following their introduction—if an EMV card is swiped, the merchant bears liability for fraudulent transactions.
Processing too many fraudulent transactions (even accidentally) may add you to the MATCH list because of the significant risk these merchants pose to payment processors.
Although the liability shift occurred on October 15, 2015, many merchants and their staff may not know this policy. So, be sure to include a note or discussion about this liability during all new employee training.
2. Update POS if You’re Using Legacy Hardware and Software
Relying on legacy technology increases your security risks. A major motivation behind new hardware and software developments is to secure your business against known vulnerabilities.
Unfortunately, if you still rely on legacy technology, some of these protections will not be present, increasing the risk and liability of processing fraudulent transactions.
3. Provide Receipts and Confirm Deliveries
If a customer disputes a charge or any part of their order's fulfillment, you need documentation to demonstrate that the transaction and delivery were above-board and compliant.
Furthermore, customers who get receipts will have an audit log they can review for any monthly, quarterly, or yearly personal finance recording.
When customers are better able to understand and revisit their purchases, they should be less likely to submit incorrect disputes.
4. Enable Multi-Factor Authentication for Online Accounts
eCommerce merchants who allow customer accounts to store cards should provide their customers with multi-factor authentication (MFA).
MFA requires a second set of credentials (a PIN code or "one-time passcode") to be entered following standard usernames and passwords.
This additional security layer prevents malicious actors from using compromised or stolen credentials to access accounts. It inherently increases credit card and cardholder data security.
MFAs have risen in popularity in recent years, but some users may require a brief overview and tutorial on why they should use them—and how to do so effectively.
5. Confirm Partner Compliance with the PCI DSS and Other Regulations
Compliance with the Payment Card Industry Data Security Standard (PCI DSS) isn't a best practice. It's obligatory for any merchant who processes credit card and cardholder data.
But many merchants don't actively concern themselves with PCI DSS compliance because they assume their vendors manage it as part of their services.
While partner vendors are also subject to the PCI DSS, merchants bear liability for any security breach that compromises sensitive information. That could include cases where the third-party services were responsible for the vulnerability.
Remember that merchants bear ultimate PCI DSS liability for theft of credit card and cardholder data.
So, you should evaluate potential partners' compliance with the PCI DSS and other laws and regulations governing payment processing.
The best practices for payment processing are simple enough to implement that adopting them should be quick and easy, yet they’re impactful enough to provide real benefits.
Still, there’s no substitute for a knowledgeable and experienced partner.
Since 1988, Electronic Merchant Systems has made it our mission to empower merchants toward improving their financial well-being.
Have more Payment Processing Questions? Click on the link below to check out our comprehensive guide on How to Choose The Right Payment Processor for your business.