Blog | Choosing your Payment Gateway

18th February 2014

Choosing your new eCommerce website can be a confusing process. So many providers, so many packages, so many rates – and you might not even know how much business you will do yet. But there are hidden costs you need to watch out for.

How Important is the Payment Gateway?

Whenever a new eCommerce project begins, we often find that clients are too busy with stock, the product database and the web design to worry about the ongoing payment gateway, instead taking whatever is recommended to them by the web developer. Clients recognise that the ongoing costs of transactions are vitally important, but there are more pressing matters to deal with. And asking an external web developer for advice means you’ll just hear about what is easiest to integrate.

How to decide on your Payment Integration

We recommend you consider 3 main factors when choosing how to handle your online payments:

  1. Price & Contract – read more below on pricing. Find out about contract length, upgrades and cancellations.
  2. Integration – one for the developer. How quick and easy is it to get the code in and working well?
  3. Support – will they answer your questions quickly? Will they help the developer if something goes wrong?

[tabbed_section] [tab title=”Price and Contracts” id=”t1″]

There are 3 key elements to look at when reviewing the cost of taking online payments.

Payment Gateway

When a customer has added their chosen products to the basket of your site, they will then choose to proceed to the checkout. Unless you have opted to take card details yourself (unlikely unless you’re a multimillion pound company), you will divert your users to a hosted payment solution. These are often customisable to look like your website (users don’t typically look at the URL they are on).

Think Paypal, think SagePay, think WorldPay.

But it’s important to remember that the payment gateway is just the butler – opening the door (securely) to a payment page. You will often be charged a monthly fee for this service, bracketed into service levels that allow a maximum number of transactions before you pay a higher monthly fee. There are also lots of conditions put on your rate, such as average order value, likely turnover etc.

Merchant Services (Transaction Costs)

The Merchant Services provider can often be different from the payment gateway so read the small print. Whilst the Payment Gateway is an ongoing fixed fee – paid over a longer contract term – your Merchant Service fees are paid on a per transaction basis. These fees are what will increase as your turnover increases, so it pays to keep a very close eye on them.

A rate drop of just 0.2% could save your business thousands in unnecessary spend.

Typically you will pay percentage A on the first 150 transactions, and percentage B on all transactions thereafter. It doesn’t even follow the transaction limit of the payment gateway, so it’s very easy to get confused. You will also often pay a fixed fee per transaction, for example 10p + 2.1%, so the maths can get very tricky when trying to estimate your likely expenditure.

Combining this maths with the payment gateway fees and criteria suddenly becomes complex enough that you can understand why clients gloss over it and trust any recommendation that comes their way.

PCI DSS Compliance Fees

When you begin to trade online and are more concerned with boxes, prices and web designs, it’s very easy to overlook the huge legal side of selling on the internet. This is particularly the case with new businesses who build their own sites with Magento, Shopify etc. rather than get advice from an agency. The information is readily made available but easily ignored.

That would be a big mistake.

As well as needing to know your Distance Selling Regulations and have your T&Cs written up on the site, you need to understand the PCI DSS Compliance (Payment Card Industry Data Security Standard) rules. Its rules govern the handling and storage of sensitive customer data, including but not limited to cardholder information. You need to know how to handle it, how to store it, define who has access and what happens in a breach of confidentiality.

Although many hosted solutions (Paypal, SagePay etc.) handle a lot of the card data for you – thereby reducing your risk – you cannot dispense with responsibility altogether. What your payment gateway or merchant services provider may NOT have told you is that you must complete an annual healthcheck to be legally compliant. Some of them drive home the importance of this and will charge a small monthly fee for their compliance on your behalf. Some companies, however, will charge you a larger monthly fee on the assumption that you are NON-compliant. We have seen this happen on many occasions, so check your invoices!

A note on 3DSecure

You know that annoying window that pops up after a transaction asking for your ‘1st, 3rd and 6th letters of your password’? That’s 3DSecure – or Verified by Visa and Mastercard SecureCode to you and me.

Given you are entering a memorised password (unlike the digits printed on the card), its aim is to reduce fraud – similar to a memorable PIN number for shop transactions. Banks are gradually insisting their cardholders use this feature – but signing your website up to the scheme has added benefits.

If you opt in to use 3DSecure you gain massively increased protection from fraudulent transactions, even if your customer hasn’t signed up to the scheme with their bank. The fact that you have signed up shows enough willingness to eliminate fraud that banks will refund you any fraudulent transactions.

[/tab] [tab title=”Integration” id=”t2″]

An often under-appreciated factor in choosing your payment services is the ease of integration.

Once you have chosen and signed up for your payment provider of choice, it’s over to the web developer to integrate their code with your website. Some integrations are easier and more reliable than others, and it pays to make life easier for the developer. The more complex the code and integration, the more likely it is to run into bugs and issues that need resolving – either before launch or even when your site is active.

Transaction Tracking

Some payment gateways don’t like dropping users back to your website, which in turn makes tracking those transactions in Google Analytics more difficult. Others are happy to send your users back to you, but the code itself still makes tracking difficult.

If you’re serious about selling online then these ‘eCommerce Conversion Rate’ reports from Google Analytics will become a vital part of your ongoing strategy. No data = no reports.

Payment Page Customisation

Some payment providers also give you the option to customise the secure payment page with CSS code that can make it look like your website – this will help your users remain calm and comfortable that they are paying you. Even this level of customisation can vary considerably from strict rules to fully bespoke design – often vital for reducing basket abandonment rates.

The Importance of Testing

All of the providers will allow you to test transactions before going live, and we always advise allowing one week for this process. Customers have a happy knack of entering completely different orders and addresses, and it’s important to test as many variations as possible to check for bugs that the complex integration code might not be able to handle straight away.

[/tab] [tab title=”Support” id=”t3″]

We value support like nothing else.

Every single eCommerce project that we take on is grounded in quality support. We expect to offer that to our clients, so we expect the payment providers to offer quality support to us as well.

UK Technical Support

Most payment providers will offer you a UK landline to call in an emergency, or with queries about your service level and contract. However, the quality of their technical knowledge can vary widely, with some banks reading from an FAQ list rather than understanding the true issue.

If your site has suddenly stopped accepting correct payments then we stop what we are doing to get it sorted. We expect the same of the payment gateway too, so email or live chat support often doesn’t cut it.

Support Resources

From initial integration to changes in platform, to changes in code, we expect all payment providers to offer searchable, downloadable support guides. If we’re fixing your site at 11.59pm on a Saturday night and their lines are closed, we expect to have resources available that we can sort through to identify possible issues with your site going down.

YouTube videos, searchable FAQs, 24 hour call lines – these are the standards we expect.


We like businesses to be clear about upgrades – what you get for your money, and what you get if you pay extra, should be made clear to you from the outset.

You will often begin trading on a starter package, allowing for a certain number of transactions at a certain percentage rate. What happens if you exceed that limit in one particular month, or when every single month outstrips those expectations? You need to know if there is a one-off charge, an automatic regrading of the account, or indeed if you are better off with another platform.

[/tab] [/tabbed_section]


Adam Pritchard

Founder of this agency and Shopit, Adam has nearly 20 years of digital experience, from the days of getting 3M and Pioneer UK web-friendly, to leading project teams on development and marketing projects for the likes of Tesco, Royal College of Nursing and National Tyres. Secretary of junior football club Winton Wanderers, most of the weekend is spent coaching kids, or reading the Sunday papers with coffee and cake.