7 Vendors That Take on Credit Card Risk so Your Business Doesn’t Have To


No matter what product or service you provide, cash in exchange for goods, time and expertise is a fundamental for every company's survival. As a rule, the easier you make it for your customers to pay, the better, and with Visa and MasterCard as the preferred payment method of customers online, accepting credit cards is a must. Before you start asking what you need in order to process payments however, word to the wise: unless you're ready to develop and devote a set of expert resources just to credit card processing, don't handle this one on your own. No, seriously, just don't do it: the time, security and technology expertise needed to process payment cards safe and sound are far more than most small and medium sized businesses can handle, and simply not worth the risk when you look at the alternatives out there.

It's no secret that credit cards are one of the largest targets for thieves, scammers and fraudsters alike. The cards are a favourite for committing identity fraud, and stolen card numbers fetch a good price on the dark web, particularly when stolen and sold in bulk. Credit card commerce leaders are well aware of this: in 2006 big names in the industry, including MasterCard, American Express, Discover and Visa joined to develop the PCI-DSS, the Payment Card Industry Data Security Standards. A mandatory 12-point program, the intent has been to secure card payments by developing a standard for protection measures that must be in place. Thanks to the PCI-DSS, for companies who wish to process credit cards for customer purchasing there's a lot of legwork and heavy lifting, and opting-out isn't an option, not when it means more risk to customers, credit providers and your business bottom line when theft occurs. The PCI-DSS includes such safeguards as data encryption, access controls, monitoring and policy, and expects processors to have both technology and administrative shields in place to defend that vulnerable data.

For large-scale operations like Amazon, Apple, Staples and Target, meeting the PCI-DSS is not a problem: yes, compliance takes work, but they can afford the resources needed to get the job done in-house. If you're running a smaller enterprise however, why would you? Processing in-house might sound like a cost-saver, but not so when you add in the multiple safeguards needed, expertise to implement, and the added risk your business acquires by holding on to data denizens of the dark web love to steal. Instead, far better to outsource processing to a company that specializes in the craft. Fortunately, when it comes to credit card processors, it's a competitive industry, and there are lots of options to choose from.

Here are several industry players that make it much more easy for customers to give you their money:

1. PayPal

Odds are high when you first think of online payments, PayPal is one of the first that comes to mind. That’s no accident: PayPal is big, having been an established presence in the market for well over ten years now. It’s a familiar service: for a fee covered by the merchant, customers can perform payment interactions through the platform, either using a payment credit card or logging into personal accounts and paying through direct bank transfers. Its size means it can offer more options: purchase and seller protection, payments via emailed invoiced or setup and express centre on your website for online sales. On the drawback side, although many users treat PayPal as a bank, they are best reminded that isn’t the service: Paypal adheres to PCI-DSS, but not banking regulations, including insurance of currency holdings. Terms of Service also stipulates that PayPal can freeze accounts at anytime, a fraud protection measure that hurts if your business is on the receiving end, but necessary considering the volume of financial transactions that move through the industry giant each day.

2. Shopify

Where Shopify really shines is that it isn’t just a payment system, it’s a merchant system: in addition to payment at the point of sale, Shopify offers online software for customizing your storefront, setting up different selling channels, inventory, shipping, and tracking sales. PCI-DSS compliant, they also have an impressive privacy policy, spelling out clearly what they do with data, both for the business and the business’s customers. I've met Shopify team members at security conferences before, and they're a hardworking bunch.

3. Payfirma

Another Canadian company, this time headquartered in Vancouver, BC, Payfirma provides hardware and software solutions to businesses for accepting credit card payments "online, in store, at the office or in the field". While Payfirma’s service offerings are not unique to the industry for helping clients take payments, the business prides itself on delivery, claiming to have the industry’s best for support teams. As small and medium sized businesses can find themselves overwhelmed with the industry, and payment collections can be a stressful endeavour, Payfirma’s clean interface and patient hand-holding is a definite plus.

4 . Google Wallet and Amazon Payments

Okay technically two different services offered by two different companies, but it’s hard not to view Google and Amazon’s payment offerings side by side. A comparison between the two shows very similar pricing and business offerings for both, to the point it’s simply a matter of selecting which offers the better extra features, such as loyalty programs or custom integration. Both businesses are huge, with payment card processing a side offering rather than their full marketplace, so organizations can trust their security settings. The drawback is these brands : how comfortable are your customers with the possibility of their purchase history being connected with other online services? Privacy experts in particular are warning with access to purchase history and online services, Google might know a little too much about the end user. While the answer to this will very from customer to customer, this may be an issue if your business is selling particularly sensitive services or products.

5. Payoneer

Where are your customers? While many companies focus on the local market, offering services and products to interested buyers within the same country, some thrive on selling internationally, offering products that garner interest because they can be harder to find on local shelves. For these companies, Payoneer really shines. The advantage of Payoneer is that it really shines is international business transactions, developing a platform for companies to compete in the global marketplace by fast, flexible and secure transfer of funds between borders. This means if your product is popular in another country, or you frequently do business overseas, Payoneer has your back.

6. Stripe

With a focus on tools for making online payments, there’s something to be said for Stripe’s intent when two of its major backers are PayPal founders. Stripe offers a fast, easy way to accept payments - their website boasts accounts up & running within 10 minutes - without lax security. If anything, Stripe aims to make online payments more secure: along with PCI-DSS compliance, Stripe is ‘secure by design’, with the platform’s very premise that Stripe takes the risk of processing credit card data so you don’t have to. One thing that sets Stripe apart from it’s competitors: no merchant accounts, and no subscription fees. Instead, Stripe is intended to integrate seamlessly with the seller’s website, and is paid per purchase: 2.9% + $.30 per transaction; in other words, Stripe doesn’t get paid unless you are.

7. Freshbooks

Unlike the systems above, Freshbooks isn’t made for online sales transactions: instead it shines as accounting software for freelancers and small service providers. Freshbooks makes it stunningly simple to set rates, sum up project hours, send invoices and “accept credit cards” as a method of payment, a popular option for many clients. If you’re a service provider who needs an efficient set of tools to send the bills and get payments quickly, Freshbooks may be just the ticket.


The websites, apps and software providers above offer some of the more popular services in credit card processing, but they are by no means the only platforms out there. Ultimately when using any new service, entrepreneurs should assess their own needs, including ease of use, tools offered, business integration and security safeguards before making the call. Whatever option you choose be sure to read all agreements very carefully, so that both you and your customers know all sensitive data involved is protected, and sleep soundly at night.

Posted in Applications & Software, Protect, Security and tagged , , , .

Leave a Reply

Your email address will not be published. Required fields are marked *