Internet payment systems refer to the various methods by which individuals and companies doing business online collect money from their customers in exchange for the goods and services they provide. A number of different forms of payment exist for online purchases, and more are being developed all the time. After all, it is in the best interest of both consumers and merchants to make electronic commerce as safe and easy as possible. "The low cost of entry has attracted hundreds of companies, large and small, to the level playing field of cyberspace," Paul J. Dowling, Jr. noted in his book Web Advertising and Marketing. "On the Internet, a small, one-man operation can look as good or better than a large, multinational corporation. But whether it's an individual working out of a virtual office, or a CEO sitting in an expensive downtown office building, they're going online for one purpose—to sell. And they're leaving no stone unturned in their efforts to make it safe and easy for their customers to buy."
Customers who physically visit retail establishments can choose among a variety of payment methods, including cash, checks, credit cards, and debit cards. Customers who shop on the Internet are beginning to expect online merchants to offer the same variety and convenience in payment terms. Credit cards remain the most common form of payment for online purchases, although the options have expanded to include digital cash, smart cards, electronic checks, and other technologies. In addition, some customers continue to make online purchases using traditional payment methods, such as placing orders by telephone or fax, or sending a check via snail mail. Dowling recommends that companies conducting sales online make as many payment methods available as possible and advertise their acceptance of those methods on their Web sites. He claims that small businesses can add value to their product or service offerings by making payment easy, comfortable, and secure for their customers. "Getting paid on the Web ultimately testifies to your marketing plan's effectiveness," Dowling wrote. "And when everything goes as it should, customers will place the order."
Perhaps the biggest issue affecting online payment systems—from both the sellers' and the buyers' perspectives—is maintaining the security of financial information sent over the Internet. A survey conducted by Visa showed that 91 percent of consumers were concerned about privacy and security on the Internet. Another study, conducted by the Boston Consulting Group and quoted in Computerworld, indicated that 28 percent of consumers' online purchase efforts failed—meaning that they intended to buy online but did not complete the transaction. "Concerns about security and the perception that online credit card transactions are extremely unsafe seem to be among the biggest issues keeping many retailers and consumers from closing sales electronically," Lorna Pappas wrote in Chain Store Age Executive.
ONLINE PAYMENT OPTIONS
CREDIT CARDS As of 2000, credit cards remained the most common means of online payment. They were also among the easiest payment methods, for consumers as well as for merchants. From the consumer's standpoint, ordering merchandise from the Internet required only entering a credit card number and expiration date in the appropriate fields on a merchant's Web site. Many consumers felt greater confidence in online transactions when they used a credit card, knowing that a third party (the credit card company or issuing bank) was involved and could help protect them against fraud. In most cases, the consumer's liability for fraudulent credit card charges is limited to $50.
For merchants who already accept credit cards offline, taking credit card payments over the Internet is relatively simple. It basically involves setting up two Web pages, one to promote the company and its products or services, and the other to process order information. As Dowling explained, however, it can be difficult for online retailers to establish the merchant accounts needed to begin accepting credit cards. Many banks are reluctant to set up accounts for online merchants because they deal with "card-not-present transactions," or transactions in which the physical credit card and holder's signature are not used. The approval process for these accounts is usually quite rigorous, and the fees on sales tend to be higher than those charged to regular merchants. These high fees can pose a particular problem for online merchants who sell small-ticket items.
Once a small business has established a merchant account with a bank, the next step in accepting credit cards is to select a payment processing firm or service bureau. It is also necessary to obtain card authorization software—which can be run on a computer network—or a point-of-sale (POS) terminal to transmit sale data to the payment processing firm via a modem and telephone line. The processing firm checks the validity of the credit card number, expiration date, and purchase amount, then provides the merchant with an authorization number. The preferred method for handling online sales is to pass the transaction information along to the payment processing firm for authorization while the customer is still online. An e-mail confirmation completes the transaction.
SMART CARDS Smart cards are similar to credit cards, except they store information on an imbedded chip instead of on a magnetic strip on the back. Consumers can load money into an account on the card by using an automatic teller machine (ATM) or by placing the card in a slot in a specially equipped computer. The imbedded chip keeps track of how much money is added to and withdrawn from the account. Smart cards are already quite popular for online sales in some international markets. According to Vince Emery in his book How to Grow Your Business on the Internet, they are eventually expected to combine the features of credit, debit, phone, and other cards in one piece of plastic.
DIGITAL CASH Digital cash is a form of electronic currency that functions similarly to a debit card. Customers can transfer money from savings and checking accounts into an online cash account, from which they withdraw to make purchases over the Internet. This form of payment is particularly well suited to purchases of small, low-cost items. In addition, it offers consumers the benefit of anonymity in their purchases, similar to using real cash. The basic technology involved in digital cash transactions is public-key encryption. Digital signatures are used to authenticate the bank issuing the note and the individual computer user who is spending the money.
Some people expect digital cash to become the preferred method of online payment in the near future. "Eventually, people using the Net probably will have digital cash on their computer much the same as they have bills and coins in their wallet or purse," Dowling stated. In fact, digital cash accounts could be integrated into consumers' Web browsers, and companies that provide content on their Web sites (like online newspapers and magazines) could charge a nominal fee for surfers to view their sites. But methods still need to be established to standardize the use of digital cash. As it stands, consumers sometimes have to install several different payment software programs to do business with various companies over the Internet.
ELECTRONIC CHECKS Small businesses can also allow customers to pay for online purchases by accepting personal or business checks online. "Although not as popular as credit cards, electronic checks are also accepted by hundreds of merchants on the Net," Emery wrote. "While most electronic check schemes require the merchant to use special software, electronic checks might appeal to you if you do not currently have a credit card merchant account." Online merchants who accept electronic checks generally set up a form on a Web page and have their customers enter all the information from their regular checks. The merchant can submit this information to a bank like a regular check. A digital signature is used in place of a handwritten one to verify the identity of the customer. One advantage of electronic checks is that it provides customers with a familiar method of payment. In addition, a number of services are available to simplify the process for both consumers and merchants.
SECURE THIRD PARTIES AND ONLINE BANKS Banks have traditionally been reluctant to do business online because of the perceived security risks. But banks have begun offering an increasing number of services online in response to customer demands. Secure third parties may be banks or other institutions that act as middlemen in financial transactions between merchants and customers. For small businesses, conducting transactions through a secure third party eliminates the need and expense of setting up a secure Web site. Secure third parties also provide consumers with added protection from fraud, since the merchants never handle their credit card numbers. "Secure third parties will become more popular as smaller merchants with fewer resources continue migrating on-line," Dowling wrote. "While a small company may want to keep Web operations in-house, it may not want to purchase or maintain a secure Web server. Third-party solutions offer an affordable alternative to expensive, secure servers and local Internet providers that don't offer secure transaction capability."
OLD-FASHIONED PAYMENT METHODS A final alternative for companies that conduct sales over the Internet is to accept payment via traditional, offline methods—by taking orders through an address or phone number listed on their Web site, for example. However, experts warn that limiting payment methods in this manner may cost a company some potential sales. "As soon as you add that extra step—writing down your address or phone number, sending out a check or dialing the phone—you give them another chance to reevaluate their decision to buy," Dowling explained. "When prospective clients click on your order-now button, they'd better be able to do just that.
One avenue in which using traditional payment methods may not hurt sales is business-to-business transactions. Even when sales are made over the Internet, many businesses choose to use existing methods to bill their customers' accounts. In order to protect both parties in an online transaction from fraud, businesses may find it helpful to require all new accounts to be opened in writing via fax or mail. In this way, the seller has a printed document on hand listing the names of authorized buyers, along with approved e-mail addresses, shipping addresses, and purchase amount limits. Any changes to this account information should also be made in writing. Finally, the seller should verify orders by telephone and send an e-mail confirmation upon shipment.
Security remains the main concern about online payment systems, particularly the use of credit cards for purchases made over the Internet. Although media reports tend to concentrate on the effect of security breaches on consumers, credit card fraud affects merchants as well. For example, when hackers infiltrate a company's computers, steal thousands of customer credit card numbers, and use them to charge fraudulent purchases, the online retailer's reputation suffers severe damage. In addition, companies are sometimes left without recourse when they accept a credit card order and ship the merchandise, only to have the customer claim that they never ordered or received it.
But many e-commerce analysts claim that transmitting credit card numbers online does not have to be any less secure than handing a card to a salesperson at retail store. Within the United States, credit card numbers sent over the Internet can be protected by sophisticated encryption technology which is often invisible to parties involved in the sale. In fact, encryption capability is built into many popular Web browsers used by consumers, and the software needed to decrypt messages is widely available to online merchants at a reasonable price.
As Emery explained, encryption reassures the merchant that the customer's order has not been altered and that the customer's personal and financial data has not been intercepted and copied. Further-more, if a digital signature is attached, the merchant can verify that the order was actually sent by the person who claimed to have sent it. Encryption also assures the customer that their personal and financial data remains confidential. Of course, it is vital that the online retailer never decrypt or store credit card numbers on any computer that is connected to the Internet.
For small businesses that operate their Web sites on a server belonging to an Internet Service Provider (ISP) or other host, it is still possible to accept credit card payments online. Many hosts will collect customer financial data and pass it along to their clients in encrypted form. Small businesses that do not have access to a secure Web server can also go through a company like Versanet, which allows companies to call their own secure order page on the Versanet server to process credit card transactions. Experts recommend that companies unable to use encryption (for example, companies that are located in countries where encryption is illegal) either not accept credit card orders online or use a two-stage order process that separates credit card numbers and expiration dates into chunks or data that would be difficult for hackers to identify.
As of 2000, a number of organizations were working to address the problem of security in e-commerce, including Visa, American Express, major software vendors, Better Business Bureaus, and the national organization of Certified Public Accountants. Many of these groups provided recommendations and security certification programs for online merchants. Still, some experts claimed that the future of Internet payment systems might lie in an entirely new technology. One possibility is biometrics, which uses physical identifying features such as fingerprints and voice scans to authenticate customers. "User authentication is the weakest link in e-commerce, and biometrics could not only solve that problem, it could eliminate online fraud," Anne Chen wrote in PC Week. Currently used in the financial and health care industries for the authentication of transactions and drug purchases, biometrics might be the wave of the future. But it needs to overcome people's reluctance to provide something as personal as a fingerprint, which is often viewed as an invasion of privacy.