Once your business is online and your shopping cart has been built, you have to select a payment gateway. Many merchants select their payment gateway based on what their merchant services provider tells them. There are hundreds of payment gateway options out there, and not all of them measure up.

A gateway facilitates your online payments by connecting your secure order from your merchant account to a processing bank. Something as important as the transfer of money should take some research. When selecting a gateway, consider available features, reliability, and support.

Some well known gateway options may not be your best bet. Authorize.net is a gateway that offers nothing more than a name. When it comes to support, this popular option falls short on all levels. Forty-five minute hold times, getting the run around from the help desk, and being a one trick pony are all this gateway has to offer.

An important item to look for in a gateway is ease of integration. If you don’t have a lot of money to spend on programming, or you are new to programming, you should select a gateway that allows you to follow some easy copy and paste steps to get your site up and running with all the payment options needed. A payment gateway should have a platform for identifying and preventing chargebacks without you having to take time out of running your business.

Some additional features to look for are a robust CRM and a strong customer database so you can run promotions and take care of your customers. A good payment gateway allows you to take payments in multiple fashions, such as recurring billing, bill me later, and ACH. There are gateways out there that even do your marketing for you. One such product is the Check-Out Box .

When selecting which gateway is going to support your business, cost should be the last deciding factor. Many online gateways may have low startup costs, but have hidden costs for additional features. For example, Authorize.net considers E-check and recurring billing to be additional features with additional charges.

I hope this sheds some light on those of you looking for a gateway solution. I invite those looking for a strong gateway to ask questions and give their opinions on gateway experiences you have had.

Now merchants are in for a new type of threat. The very software that business owners use on their computer networks may cause card holder data to be compromised. Packet sniffers are software or hardware that monitors data on a network, and they have been around for a long time. This software is typically used to troubleshoot a network issue or to test firewalls . Conversely, we have malware that is designed to damage a network. It appears that attempted fraud is on the rise again. Packet sniffers are being used as malware on systems to snag or intercept card holder data.

Visa recently released an alert about packet sniffers . If you feel your card holder data has been compromised, make sure to unplug your network cable (turning off your computer will not work). Try to isolate the compromised machine from the rest of the network. Notify the card associations immediately so they can begin their investigation process.

Visa recommends in their alert that we follow these guidelines to avoid vulnerability to a packet sniffer attack:

• Utilize host-based Intrusion Detection Systems (IDS), such as Dragon IDS suite and Comodo
• Monitor firewalls for suspicious traffic, particularly outbound traffic to unknown addresses
• Implement file integrity monitoring
• Secure workstations so packet sniffers, or other malware, cannot be installed
• Utilize encrypted protocols or encryption to protect sensitive data
• Use packet sniffers legitimately to detect network intrusion attempts or suspicious activity on a network
• Ensure that anti-virus and anti-spyware software programs are up-to-date
• Routinely examine systems and networks for newly-added hardware devices

Let’s face it – we all strive to have that BMW as opposed to a Dodge Neon, and even shop around for the best appliances. Knowing this, have you ever stopped to wonder why we, as business owners, opt for the lowest bidding credit card processor for something as important as our business?

As with other products, cheaper does not necessarily equate to better. How about reliability? If your customers are charged the wrong amount, or transactions are declined due to an unreliable or inaccurate gateway, who do you think they will blame? That’s right, YOU! Consider this – is the money you’re saving using the cheapest solution worth the cost of losing future business?

Let me share with you this example, a few weeks ago, a merchant was having trouble getting cards approved on his website. He then had his funds held by his processor. His merchant services provider told him it was his gateway and conversely, the gateway provider told him it was his merchant services provider. Needless to say, this merchant chose his provider based on the lowest bid, and what he got as far as service and reliability was a whole lot of finger-pointing and denial of liability.

I’m sure as business owners you are bombarded with calls and mailers from merchant services companies on a daily basis claiming their fees are the lowest. Fees for merchant services are an unfortunate reality, irrespective of the processor you choose, so it is important to choose the right company to partner up with. Here are some things you should know when deciding on a merchant services provider:

• Make sure whatever gateway you choose is compatible with your shopping cart software.
• Rates and fees are determined by many factors: length of time in business, percentage of sales made over the phone or the internet, type of business, personal credit rating, and dollar amount of sales per month. A typical rate should be about 2.30% to 3.5%, but some companies charge as high as 6%. Poor personal credit or business type may warrant a much higher rate.
• Do not agree to a high discount unless you are sure no other company will process your charges for lower.
• Be sure to ask about all fees involved such as Gateway fees, ACH fees, monthly minimums, Address Verification Fees, transaction fees and statement fees.
• Read all agreements closely to determine the circumstances for which your money can be put on hold.
• Find out if there will be a hold or reserve on your account. If so, how much with be held and how long will it be held for?
• What types of fraud and risk monitoring does the processor and gateway provide?
• Who do you call when you have questions? For instance, a processor offering its own gateway is a better choice since there will be fewer support calls to make in the event of service interruption.

In my experience in this business, I have come across numerous merchants that got exactly what they paid for – very little.

Take my advice, do your homework and don’t settle for the lowest bidder.

First, it is important to understand the different types of transactions that can occur when running a credit card sale:

• Retail swiped account transactions will get a Qualified Discount Rate, which is the lowest rate possible. In this type of transaction the card holder is present, they are using a standard consumer credit card, and once the card is swiped the transaction is batched within 24 hours. If any of these criteria change, you could downgrade to a MID-Qualified or a Non-Qualified transaction, thus increasing your rate.
• A keyed transaction, or manually entered transaction, will get a MID-Qualified Rate. This can also occur if AVS (Address Verification Service) is not entered when the customer uses a rewards card, or if the transaction is not batched within 24 hours.
• A Non-Qualified transaction occurs when a card is key-entered with no AVS info, or if a Corporate, Government, or International Card is used.

If you are not able to swipe a card because you are using an online payment gateway, how can you also take advantage of better pricing? When processing a MOTO (Mail Order Telephone Order) or Ecommerce transaction make sure to do the following.

• Make sure all required AVS information is entered
• Set your payment gateway or terminal to batch or settle within 24 hours
• Enter an Order or Invoice number
• Make sure to enter the CVV2 number

Many different factors can determine the rate you are assessed on your transactions. If you know you are going to be taking card types that will typically fit into the Non-Qualified category described above, be smart when setting up your credit card processing account – make sure to find out what your Non-Qualified rate will be. Be sure to find out all the fees involved before signing on the dotted line.

The first involves using the Luhn algorithm (also called the "Mod 10 Method "), which was developed as a way to validate unique numbers such as credit card numbers and social security numbers.

To further validate credit cards, you’ll want to obtain authorization from the issuing bank for 1.) address verification (AVS) and 2.) cvv2 – the three or four digit code found on the back of credit cards. Banks will respond with match or mismatch codes for street address, zip (5 and or 9 digits) and cvv2.

But what else can you do? These methods are well known and criminals can find ways around them. A few simple precautions go a long way. Here are some tips for validating credit cards:

• Double check orders where the shipping address doesn’t match the billing address. Oftentimes these are legitimate but I still view it as a red flag, especially for international orders.
• Require customers to create accounts or profiles to place an order. You can even validate new customers’ credit cards before they make a purchase by placing a $1 authorization that will fall off the card in a few days (just make sure to inform your customers!). Keep in mind that there is not a standard amount of time for an authorization to remain on a debit or credit card. Issuing banks determine the exact duration but typically most stay valid for three to 10 days. If you’re concerned about it you can call the bank and ask them to void the transaction.
• Use a credit card payment gateway provider that offers multi-level credit card validation and fraud prevention services. Transaction grading, advanced transaction management reporting, BIN blocking and progressive identification tools can protect your business from fraudulent credit card activity and potential chargebacks.