Accepting payments through your website (e-commerce)

E-commerce refers to buying, selling or ordering goods and services on the internet, including receiving membership subscriptions and donations.

Websites or email can be used to allow clients or customers to:

  • join immediately
  • renew membership subscriptions
  • make donations
  • make bookings and buy tickets
  • make venue or facilities bookings
  • order and purchase services and products
  • purchase subscriptions to specialist services, newsletters etc for which you normally charge
  • purchase information in the form of papers, images, video or audio clips – perhaps held in a database on your site.

E-commerce does not have to be an expensive or sophisticated function or process. It is simply a tool that makes it easier for members, clients and users of your site to donate money or pay you. E-commerce should not be confused with online banking which is about using the internet to manage your bank accounts.

There are three main e-commerce options available:

Accept credit card payments via email and process the order or payment manually. The downside of this is that many people are unhappy transmitting their credit card details through a low-security medium such as email. A variation on this option that gets around the credit card security dilemma is to accept orders by email, but then phone the customer to obtain card details.

Provide a link to a specialist credit card processing website such as www.paypal.comYou are now leaving the e-Strategy website. These specialist sites can register you as a payee and receive credit card payments on your behalf for a fee (around two to three percent). The major advantage is that no merchant facility or ‘gateway’ is required, so it is a much cheaper option than getting a merchant facility for organisations that don’t already have one. These arrangements are fine if you have a limited number of transactions. It might be clumsy and expensive though if, for example, you were accepting a large number of conference bookings online.

Using a full e-commerce facility on your own site – effectively integrating a payment gateway with your website. This involves software that allows a user to input credit card information to a secure page on your site, and the automated capacity to authorise the credit card transaction and deposit the money into your bank account. This option is the most sophisticated and secure but it is not cheap. There will usually be a setup cost, the rental of a merchant facility from the bank and a small percentage fee for each transaction.

True story

Online donations breaking records

To encourage people who are lining up for online donations, we've just scored a new record – an as yet anonymous philanthropist has kicked in $100,000 through the Australian Giving Centre at www.ourcommunity.com.auYou are now leaving the e-Strategy website to an appeal for a Victorian community organisation. This is by far the largest single online gift ever in Australia.

Particularly after the success of the online tsunami appeals, anybody who doesn't have an online donations facility had better think deeply about this. Online giving is starting to work with serious money, so get on your bike.

Chris Borthwick, Our Community. See the Community BuildersYou are now leaving the e-Strategy website website.

Making my web transactions secure

When conducting transactions online, it is important to make sure they are carried out securely. The most common mechanism for ensuring secure transactions on websites is Secure Sockets Layer (SSL). SSL is widely used because it is supported in all major web browsing software packages.

A website that is receiving money from selling a subscription or product or service will be using SSL if there is a small padlock in the bottom right hand corner of the browser as shown in the example below.

When the padlock in the bottom right hand corner of the browser appears on the screen, the computer has successfully established a secure connection with the website. This ensures that personal details, order details, credit card details, delivery address and contact telephone numbers are protected while they are sent to the online store.

Apart from the padlock, using SSL is virtually an invisible process. You will also notice that most sites using SSL have an address that begins with https:// rather than http://.

Implementing SSL

Don’t try and install SSL on your site by yourself. Go to a web developer with experience in e-commerce or go direct to an online payments provider.

To implement SSL sessions on your site you will need to obtain a digital certificate for your server. Digital certificates are issued by trusted third parties, called Certificate Authorities, who must authenticate the identity of your organisation before a certificate can be issued to you. For example, VeriSign is a commonly used certificate authority.

Once the certificate has been loaded into your server, you will have the ability to establish SSL sessions on your website, providing encrypted transmission between your server and a customer’s computer.

Establishing a secure payment gateway on your website will involve working with a payment gateway provider and/or your bank to establish the necessary systems to provide end-to-end encryption of customer credit card information between the customer computer, your website and your bank’s e-commerce merchant facility.

Other terms you should know

Payment gateway: The process that encrypts the cardholder details, and takes the request for payment from your online store to the bank (card acquirer) in a secure browser session.

e-commerce merchant facility: This is provided by a bank, which works with the gateway to handle real-time (immediate) authorisation of the credit card transaction and which will ensure the funds are placed into your nominated account each day.

Screen capture of wishlist.com.au representing an e-commerce merchant facility

E-commerce security enabled websites display:

  • A small padlock (SSL)
  • Privacy Statement
  • Guarantee returns policy

How do I tell if I'm completing a secure transaction (RTF format, 114kb)

Ten questions to ask before you start

  1. What do you want to sell? Just memberships, or publications? Not all products or services are suited to being sold online and perhaps some are better sold face to face through your office.
  2. What price to charge and what pricing model? Should the pricing be the same as that charged to face-to-face customers? You may want to offer a discount for online payment. Do you need to charge for any freight and handling? Do you need to charge GST and can the e-commerce provider you’ve chosen accommodate GST?
  3. Payment method and timing: Do you want to be paid by credit card, cheque, money-order or cash? When is it best to receive payment, given the type of product or service involved? Instantly, at the point of sale, or is it sufficient to take an order via the website or email and invoice the user at the point of delivery or at the end of the month? Credit card is the standard; all other models will require you to wait until payment is received. Can the system deal with recurring payments such as monthly credit card donations?
  4. How are the products or services to be delivered? If users are paying for memberships or making donations, then are they being delivered directly online, by post, courier, or collected in person by the purchaser?
  5. Security and reliability: What level of security of your e-commerce solution is required or appropriate? How dependent will your organisation be on the security and reliability of the system? For example, if a significant amount of money is to be put through the website then it needs to be secure and very reliable.
  6. Fulfilment : What is the availability of the goods and services for sale? If you require instantaneous payment but then cannot supply the goods, you may then waste time crediting their money and you may lose the goodwill of the customer.
  7. How to present your products and services? Will you provide images, video clips, animations or samples of your products or services? If there is a range of products and options, how will these be presented? How will the prices be displayed? How do you want users to be able to make selections and edit their choices should they decide before paying that they want to change their selection – referred to as a shopping cart solution?
  8. Inventory/catalogue: If you have only a handful of services/products and expect to sell only low volumes through the website then you probably won’t need a stock and inventory system. However if you expect a high volume of sales, and/or the number of products and options being offered online is large, and/or has to be updated constantly, then you may need to have a direct link between the website and the stock systems on your office computers.
  9. Maintaining the e-commerce solution: How often will you need to add, delete or update the details of products and services on the website – e.g. prices, availability? If it will be necessary to update the e-commerce catalogue regularly, then an effective solution will need to be provided by the web developer. You will need to balance the need for efficiency and ease of updating with the cost of the proposed maintenance solution.
  10. Managing risk: Providing an e-commerce solution carries with it some risks. In order to limit the risks and to ensure that you manage the expectations of your online users, you should develop and then explain clearly on the website your policies covering:
    • privacy – what you will and will not do with their details
    • returns policy – under what circumstances you will accept returned items and how will they be returned?
    • shipping policy – freight costs, insurance, import duties, where you will not deliver goods
    • fulfilment policy – what you will do if an item/service is purchased but you cannot fulfil the order in reasonable time
    • security – of client/customer personal details, payment records, credit card or account details if given. See more on Being safe and secure online

True story

Simple works best

We realised the approval process had become too complicated – donors had to go through three pages to donate. So we simplified it and it now seems to be working well.

Sonya Tufnell, Development Manager, Child Wise (ECPAT in Australia)

There are numerous e-commerce solutions available from internet service providers, web developers and specialist third-party suppliers. Probably the main thing for your organisation in deciding which solution to adopt is its integrity, security and the bona-fides of those organisations that are selling it and supporting it.

When choosing an off-the-shelf solution or accepting one developed by your web developer, make sure that the solution is supported by a reputable bank and that it is deployed on websites of organisations you recognise and respect.

More information

A number of these issues are complex and you may not be able to answer them all on your own, and some are best answered by the people who know your services and products better than you do – your members and clients. So you may like to:

  • ask your members or clients for their thoughts and preferences on the issues above.
  • speak to a web developer in your area.
  • look up other websites that cover this area e.g. Multimedia VictoriaYou are now leaving the e-Strategy website has an e-commerce section that contains many resources.
  • The TechSoup site for US nonprofits also has a range of articles on e-commerceYou are now leaving the e-Strategy website.
Document ID: 1933, Last Updated: Wednesday, 23 January 2008 9:11am