Slashdot Mirror
Recommendations for Website Payment Systems?
An anonymous reader asks: "I run a smallish website that provides stock quotes, charts, etc for a very under-reported stock market. (I won't link here due to the Slashdot Death Ray effect, and because this is a real question, not an advertisement). Over the recent weeks, many of my site members have been asking if they could make a small contribution to help off-set costs, which I am considering. 'Tip Jars' seem tacky and I know many people aren't comfortable with Paypal. So, should I roll my own, or are there any highly recommended ways of doing this that I am missing? Any suggestions?"
Most of the people who are uncomfortable with Paypal are the ones who think whining about it makes them seem experienced or intelligent. For simply sending money, there's nothing wrong with it (as long as you don't mind using them).
The money you lose from people who enjoy bragging about how they refuse to use Paypal will be more than made up for by the time you save not having to implement something like this yourself.
This space intentionally left blank.
Paypal is awesome. I use it on www.frostedcookies.com to collect payments. No one has to register with paypal to send money - they can just enter their CC or checking account information and be done.
http://store.yahoo.com/ lets you set up a store that takes credit cards directly. you could "sell" contributions in various amounts.
I'd recommend going with some established solution that fits your budget. Rolling your own is likely to expose your users to all kinds of subtle security issues that could result in some nefarious jerk getting their credit card numbers or the like.
A creative solution I heard once was to auction "thanks" on eBay. For $2.50, you could buy the seller's "thanks", and you could buy as many (or as few) as you liked through the usual Dutch auction process. I don't know if anyone ever actually did this, but you might want to consider it.
Personally, I always use PayPal for website donations. I've never had anyone object.
Microsoft cheerleader, blue flag waving, you got a problem with that?
Rolling your own is begging to be owned.
Ignore people's unease, the real reason you don't want to go w/ paypal is the massive bite they take out of whatever people send you. You can't even ask people to donate a quarter because the entire quarter disappears.
Google for "amazon honor system" (minus quotes). I can't link you directly because it'll probably end up w/ a referral to me in the URL. ^^;; It might be what you're looking for.
Alternatively, for webcomic creators, Scott McCloud suggests trying BitPass, Yaga or Peppercoin...
[o]_O
If your visitors own a scanner, that's half the battle.
And put a donation button on your site that goes to PayPal. Just a small elegant button that says "support this free service" or something like that. Link to PayPal, or to a page explaining your expenses.
It's not begging. It's not tacky. It's just common sense. Bandwidth and time cost money. You can't distribute them for free like you can information. It makes sense to pay for them. Like I always say, "Information wants to be free, but bandwidth wants to be expensive."
After a while you can experiment with the other obscure services that people use, but PayPal is *it*. Yeah, "paypal sucks" but most people haven't had any problems (including myself). Just don't pretend they are a bank.
I -just- emptied my spam folders. I'm sure there would have been something you'd find useful in there...
You might be interested in http://www.bitpass.com/ for micropayments. Sounds good in principle but I've not yet implemented any of it on my site...
If you're accepting micropayments, you'll get bitten by the credit card companies and their merchant account fees.
Your best bet is to use something established like paypal or western union. The risks from a few customers not using the service because of it's name/reputation is must less significant than a lawsuit resulting from a mistake in your DIY financial solution.
Paypal has been a great solution for me.
Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
The people I've seen complaining about Paypal are merchants who get bit by disputed transactions for services rendered. You won't have any dispute issues, so Paypal is great. From the customers POV, Paypal allows them to use a credit card in a very-secure website (time-tested) without giving the small-website-owner anything but money and an email address. Paypal doesn't require them to create accounts anymore either. Look to the other comments for tasteful display suggestions.
Everyone is entitled to his own opinions, but not his own facts.
Enquiring minds like to know.
there is no thing
what else could you want?
If you're based in the US, the Amazon Honor System is an option if your users are PayPal-wary.
EricSee your HTTP headers here
PayPal doesn't play at all with many countries.
This is a plug... but a useful one I hope. You can quickly get a handle on the "web's opinion" on things like this with compare-stuff, here's how:
;)
Four micropayment systems compared with respect to the words/phrases:
excellent
no hassle
efficient
extremely helpful
As you'll see, I'm trying to claw back my hosting fees with Amazon product links... Hasn't worked yet
Why not ask for checks in the mail? It seems to work for the credit card companies. It doesn't sound like you want to hide your sneakernet address.
If the contributions were going to be typically large and more numerous (more than $20 and thousands a month), then it would make sense to talk to your bank to get one of those machines to make CC transactions. Then ask for their credit card information on a secure section of the site. Store the transactions in a database, and then type them all in at the end of the day. It's not too difficult to do many an hour if you have a fast connection to your bank. I know because I used to deliver pizzas and we'd have to type in tips at the end of the day.
If you're going to have more than that, then it makes sense to get involved with one of the online credit card companies. They have some pretty strict requirements but it isn't too difficult to get into business with them. And it would save you a lot of time over driving to the bank to deposit checks or typing in CC transactions.
The radical sect of Islam would either see you dead or "reverted" to Islam.
I've seen some non-US charities use WorldPay, might be worth a look...
I was in a situation where I thought Pay Pal would have worked great for online payments, but I could not convince those around me that we could manage it and that it was secure enough. Basically I was banging my head against the desk since as a non-profit organization on a meager budget, we needed an online payment system to compete with others who also had online payment systems. Any suggestions for getting this through their thick skulls? (or is my skull to thick?)
This company is one that I have used for years. Read about the micro payment solutions Email $5.00 or $25.00, total transaction cost including the recipiant's cash out fee is $1.00. When an envelope and a stamp and a cheque can cost more, why would you use anything but?
The only two real options are
a) Paypal - sure a few people get turned off by it, but they are probably not your audience. This is the easiest way if you want to accept payments in USD/CAD/JYP/GBP/EUR or AUD.
b) Moneybookers (moneybookers.com) - like paypal with a few differences. If you sign up for thier merchant program you can use them to accept CCrds in the same way as you can with Paypal, except that.
1. No chargebacks. Moneybookers is "hard" currency, once you have it it's yours to keep.
2. More currencies. Moneybookers allows you to accept payments (and hold balance) in more currencies than paypal.
3. To pay via credit card your users will (the first time they do) will either need an SMS capable cellphone handy (they send a confirmation code to it so they at least have a known-good cellphone number) or a fax machine.
The other options (2checkout.com, a real merchant account etc..) would likely be too expensive and too much trouble.
NZ Electronics Enthusiasts: Check out my Trade Me Listings
Have them all give you cash, in hand, and you must meet them and decide if they are worthy of the product, ensure that you only have good customers, and you get more in-touch with them. Of course, this is crazy, but it is very secure if you have an array of body guards [or a beowulf cluster of them].
Video Production Support
Hi,
I went through the same problem last month for the website of my company (see sig). PayPal may be OK for "donations" but it is not good enough for e-commerce websites. PayPal is down or broken in some way about 100% of the time. Also, many people (including me) don't want to pay with PayPal because of all the problems you can read on PayPalSucks.
So I offer CC payments through eSellerate. I handle my own shopping cart and the user picks the payment means when he checks out. eSellerate is good for me because the commission is 10% flat, without a fixed fee. Most similar services charge something like "5% or $2, whichever is higher". My product cost $6.99, so $2 is a lot of money.
Also, you can really customize the checkout process on eSellerate so that the customer can't tell the difference between your site and the eSellerate checkout site. You can't do that with PayPal.
As a conclusion, please do not offer PayPal only. PayPal is not a reliable company and lot's of people avoid them.
Nobox: Only simple products.
You can use it as a tip jar or as an online subscription gateway. I've had good luck with them for Telltale.
Alex.
Paypal is not a bank. Micropayments are a joke. Authorize.net or Verisign's PayFlow Pro and a merchant account.
Paypal has worked just fine for the past year for collecting maintenance donations for a website I co-maintain. If all you're doing is accepting donations, this is probably as good a way to handle it as any. Since your site visitors can use credit cards to donate via Paypal, they don't need to register their own accounts. If they're especially paranoid, they can visit their bank's website - they should type in the URL on their CC statement, though, rather than guess it or Google for it - to get a virtual account number.
This should NOT, however, be taken as proof of anything. It is curious, it is worth keeping an eye on, and if anyone from Paypal visits Slashdot, I'd seriously suggest running a quick security audit. It is doubtful that that's where the problem is, but I can afford to cancel one card far more than they can afford to have a major crisis of confidence.
The second line of thought is that of the online payment systems that exist, or ever have existed, Paypal is the only one that seems to have worked and is the only one that is widely recognized. As such, for the small vendor, it is likely the only viable option.
The third line of thought concerns roll-your-own systems. I've written such systems, but that's because I have a good idea of what I'm doing. Computer security is a hazardous arena to enter and mistakes are easy to make. Most algorithms have known weaknesses, but not all weaknesses are applicable under all circumstances.
A classic example was a flaw in one of Netscape's early browsers. The SSL implementation had a flaw, which meant that the keyspace used was substantially smaller than the keyspace available. This was long before e-commerce really took off and would still have prevented opportunistic attacks, but it did mean that a well-equipt group could have sniffed sensitive information without any machines being compromised.
Netscape were not amateurs - they pioneered SSL in the first place! Nonetheless, they were still able to make a mistake that went undetected for some time.
MIT's Kerberos team, likewise, has produced "brown paper bag" flaws in one of the most extensively examined and utilized authentication systems on the planet.
Anyone producing their own system must be absolutely rock-solid sure of the strategy they are following, the algorithm(s) they are using, the implementation(s) they are writing and their ability to detect the failure of all of these. Even then, the odds are painfully high that they're making a bad mistake that could impact everyone who trusts their system.
If you do go for a roll-your-own system, above ALL ELSE, follow the Golden IT Rule - Never, Ever, Ever Use Version 1.0!
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
No. You're 100% wrong. Regular credit card processing companies will freeze your account. I've seen it happen first hand.
One company that my company makes e-commerce, inventory management and meat point of sale software for had over $50,000 in already processed charges for a week withheld without warning. The reason given (after the fact) was that too much of the company's business was coming from the Internet, and the CC processor was "nervous" (the exact word used.) This wasn't a sudden influx, in fact it wasn't more than a few percent different from the previous four weeks or so at the time. No unusual / atypical number of chargebacks was being encountered, nothing out of the ordinary was going on at all, other than the business was slowly and steadily becoming more successful for various reasons.
So what happened? The money was held for six months before they grudgingly gave it over, admitting there was no problem. By that time, they were no longer processing this place's charges, but that didn't make them move any faster.
A new credit card processor was found, one of the local banks covered the week's gap in income with a 90-day note based on the company's history with the bank, and the day was saved - no thanks to the cc processor. The business still had to come up with 50 grand out of the blue to pay off the note to the local bank, but they were healthy and they pulled it off.
Consider, if this particular business wasn't a pretty darned good operation, that might have killed them. As it was, there was much wailing and gnashing of teeth, as you well might imagine -- no one needs a week's cash flow knocked into limbo without warning.
The CC processors can do it, they will do it, they have done it.
When you sign up with a credit card processor, you need to read the terms, line by line and with careful attention paid as to how any particular situation described or alluded to will affect your business if the processor exercises the option described. Then you need to plan what you will do in each of those situations. If you're not prepared, you'll have to take your pleasure in complaining to your friends and family, because that's all the recourse you have.
The cold, hard fact of the matter is that credit card processing and sourcing companies hold all the cards, no pun intended.
They agressively advertise to consumers that they (the consumer) will never be liable for fraudulent use of their card. Which is true. Then they turn around, every time, and dump the fiscal damage on the merchant.
That's right. If you sell something via CC, even if you validate the address and ship to that address, you can still have a chargeback, you are in no way protected. You get lines like "my boyfriend used my card without my permission" and you're flat out of your merchandise, the funds are taken directly from your account, and that's the end of it. The cops in some remote city or podunk town won't lift a finger to do anything about it, and for 99% of the merchandise involved, the merchant can't afford to pursue it.
Who isn't hurt by this? (1) The consumer, (2) the thief (who may be the consumer!) (3) the credit card company and (4) the credit card processor. The merchant takes the hit, each and every time. You can't opt out or you can't process cards, which probably means you and everyone who works for you need to get a McJob.
So don't underestimate what a "normal" cc company can do to you. Paypal is no better or worse. Behave yourself, co-operate with any investigation and don't hesitate to refund when asked, and you will probably not have to deal with a frozen or closed account. Try not to grit your teeth when you have to pay for a blatent rip-off; it's part of the landscape, and these companies have rigged it so you cannot fix the problem. Complain in any major way, and you could have all your
I've fallen off your lawn, and I can't get up.
Moneybookers do look far more organised than any other merchant acquirer pass through i have seen, and i would decidely prefer to deal under UK law with a firm i can locate in my neighborhood, but you are wrong to say that chargebacks do not happen. I see no way that a _customer_ of a merchant network / acquirer can unilaterally negate terms which the network (Visa e.g.) imposes universally on all merchants.
I have not yet found how Moneybookers effects the clawback, but i presume it is doable because whilst the "payment" within Moneybookers' system is instant, the payment to your bank account via BACS, CHAPS, SWIFT or however they do this, is not instant. SWIFT and CHAPS _can_ be instant, but only expensively, and few but the largest corporations have access to those systems. BACS in the UK is not immediate, and has an automatic clawback system in place. I have banked with a proper retail bank in the UK which relied on just one solitary CHAPS terminal for it's whole operation, to give you an idea how carefully the "good" payment networks are actually controlled.
*BACS - Bankers' Automated Clearing Service
*CHAPS - Clearing House Automated Payments System
*SWIFT - Society for Worldwide Interbank Financial Telecommunication
from http://www.moneybookers.com/app/help.pl?s=terms
Its a little like slashdot but run by an Australian and much much funnier.
Anyway he justs puts his bank account up on the web.
You probably have a company account or such that you can use instead of your personal account.
http://forums.zgeek.com/faq.php?faq=new_ faq_zgeek#faq_new_faq_who
Here's a bit of a different perspective. A user's perspective. I have used Paypal and use it frequently for my ebay purchases and sales. However when I go to any site where I want to buy something from and I see Paypal, I just don't get a warm and fuzzy feeling. It just creates the impression of a second rate site. Since last one year, I have been buying content from some sites that use a different payment system that I have not seen a lot of 'buzz' about. However, from my experience, it is a truly wonderful system. Recently, I bought a report from a company called Riskcenter in NY that uses this system (Click&Buy). I had some problem and I called an 800 number. I was surprised with the customer service that was provided by Click&Buy (I had expected Riskcenter to pick up the phone). I think for a small merchant, this might be a good option - so that you focus on what you do best, allow other things to a vendor. I have also bought content from Europe using Click&Buy (www.btclickandbuy.com). Gira.
Question: When is the zerg subject troll going to start getting modded down?
[o]_O
Onetime payment and then they charge you a fee on each transaction...
Similar to paypal actually...
BlackNova Traders
anyways, I know some banks specifically allow you to block access by acct number if thats what you want to do.
I didn't know about the $30 fee for stop-payment orders... that seems like a real dick move on their part.
Does your CC company do the same thing when you tell them to cancel/reverse charges?
[Fuck Beta]
o0t!