Introduction

Since the dawn of history, there has been trading between two parties exchanging
goods face-to-face. Eventually such trading became complicated and inconvenient;
money was invented so that a buyer could acquire something he needed from a seller
without necessarily exchanging goods. Security of the monetary systems was
guaranteed by the local, regional, national, and eventually international banks
controlling the printing of money. In course of time, new ways of payment such as
payment orders, cheques, and later ‘plastic’ money were invented. These allow
payment without ‘actual’ money. Mapping between the payment instrument and real
money is still guaranteed by banks through secure financial clearing networks.
Eventually, remote payment became possible using those same instruments, although
security then started to become a challenge. Verifying a hand-written signature on a
cheque or a credit card mail order is impossible when buyer and seller are not face-toface; in
this case the buyer must take the additional risk of sending in a payment before having
received his purchase or the seller must send the purchased items before having received
the payment. Phone order purchases are riskier since no signature at all can be provided:
the seller runs the risk that the buyer may deny having made the purchase and demand a
refund even after he has received the goods. Recently, there has been a great deal of
interest in facilitating commercial transactions over open computer networks, such as the
Internet. The introduction of open networks renders the security issues even more critical.
Clearly then, without new security measures, envisioning electronic commerce over open
computer networks is utopic. In this article, we attempt to provide an overview of electronic
payment systems focusing on issues related to their security.

What Is Online Payment And How To Accept

Payments Online
6/29/2012 Back

Online payment refers to money that is exchanged electronically. Typically,

this involves use of computer networks, the internet and digital stored value
systems. When you collect a payment over the internet, you are accepting
an online payment. Online payment usually is the transaction that results in
transfer of monetary funds from the customer bank or credit card account
to your bank account. The online payment can be done from a credit card,
checking account or other clearing house like paypal for example.

Merchants accepting online payments need to comply with a list of security

requirements. The online payment specific security is designed to decrease
the chance of the billing and personal information being stolen. The transfer
needs to occur over secure encrypted connection. In the cases of recurring
billing where customer data is stored, the merchant needs to enforce a
longer list of security features and protocols that are usually referred to as
PCI compliance requirements. Recurring billing systems that employ online
payment procedures need to be periodically scanned for security
vulnerabilities.

To accept an online payment the merchant needs to have access to an

Online Payment Gateway. The online payment gateway is a service
provider that is integrated with the credit card and transfers the online
payment information between the merchant and the payment processor.

The typical online payment process has the following stages:

1. Customer submits the payment information to the merchant. For

example customer completes the payment form on the merchant
website and submits the information.
2. The merchant submits the payment information to the online payment
gateway.
3. The online payment gateway submits the payment to the payment
processor.
4. The payment processor authorizes the payment and responds to the
payment gateway
5. The payment gateway responds back to the merchant
6. The merchant responds back to the customer showing if the online
payment was successful or not and taking the appropriate action.

An e-commerce online payment system facilitates the acceptance of

electronic payment for online transactions. Also known as a sample of
Electronic Data Interchange (EDI), e-commerce online payment systems
have become increasingly popular due to the widespread use of the
internet-based shopping and banking.

A payment service provider (PSP) offers merchants online services for

accepting electronic online payments by a variety of payment methods
including credit card, bank-based payments such as direct debit, bank
transfer, and real-time bank transfer based on online banking. Some PSPs
provide services to process other   methods   including cash payments,
wallets such as PayPal, prepaid cards or vouchers, and even paper or e-
check processing.

An Internet Merchant Account (IMA) allows merchants to accept

debit/credit card payments directly to their business bank account, online.
Due to the stringent criteria required for an Internet Merchant Account
(IMA), many smaller businesses opt for a payment processing company
instead.
Using a Payment Gateway, provided by a Payment Service Provider (PSP)
offers an alternative for businesses whose card-based-turnover is too low
or who fail to meet the criteria for an Internet Merchant Account  (IMA).

AT Integrated ecommerce platform includes and automates all technical

aspects of accepting online payments. It can accept online payments using
a combination of online payment processors at the same time