Article provided by PayFast
In this part we’re going to focus on the various payment methods, things to consider when choosing your payment gateway, integration with your chosen shopping cart system, payment restrictions, security and the payment landscape.
What we aren’t going to focus on here are the numerous payment gateways out there and nit-pick between all of them.
This is a long post, so let’s get to it.
Payment Methods
Omnichannel payments are becoming a cornerstone and trademark of eCommerce, there are literally dozens of ways to pay online with new payment methods continually being developed and existing methods being improved upon.
Here is a look at not only the payment methods that we offer, but also some of the other methods available out there.
Credit Cards
Credit cards are the most widely used online payment method and allow sellers to accept both local and international payments. Any merchant should make card payments their first priority when setting up their payment methods.
As an example, with PayFast merchants can accept payments from two of the most widely used card providers Visa and Mastercard. There are other payment providers that offer the likes of American Express and Diners Club, but bear in mind that there cards carry higher costs and odds are that the client using one of those cards will also have a Visa or MasterCard…
Benefits
- Ease of use
- Receive local & international payments
- Payments reflect immediately in your payment gateway account
- Built in fraud protection
Click here to register your free PayFast account to accept credit card payments today.
Instant EFT
Instant EFT is PayFast’s patented method of completing online purchases by making an internet banking transfer and unlike traditional EFT payments it gets instantly verified. There is no two day wait*, you don’t need to send in proof of payment** and it can be used with South Africa’s four biggest banks: ABSA, FNB, Nedbank and Standard Bank.
Benefits
- Clears immediately; no two day wait*
- No proof of payment required**
- No delays during checkout
- Works on all browsers and platforms
Click here to register your free PayFast account to accept instant EFT payments today.
*Occasional clearing delays with the banks (specifically Standard bank) are beyond our control.
**In the event of a clearing delay or incorrect submission of reference info a proof of payment may be required in order for PayFast to clear the payment.
Bitcoin
Bitcoin is an innovative digital payment method, performed over a peer-to-peer network and the most popular Cryptocurrency available. PayFast have partnered with Luno (previously known as BitX)to allow sellers to accept Bitcoin payments.
Buyers can purchase Bitcoin in a variety of ways (in almost any country in the world) and use it in a variety of ways: including online purchases using PayFast.
Buyers simply pay the Bitcoin amount (at the current rate of exchange) during checkout. Sellers will still receive South African rand, just like with all our other payment methods.
Neither PayFast nor the seller receives or stores any Bitcoin, so there aren’t any risks of security, volatility or exchange rate fluctuations.
For a more in-depth explanation, please see our launch blog post.
Benefits
- Accept international payments
- Guaranteed payments, no chargebacks
- You receive the ZAR amount requested*
- No risk of exchange rate volatility
*Less the small PayFast fee.
Mobicred
mobicred is an online account that gives buyers access to credit, which they can use on PayFast. The facility works in a similar fashion to retail store credit: only online. mobicred charges interest rates comparable to those of credit card providers and only levies monthly fees while the account is used (unlike most credit cards).
Benefits
- Payments clear instantly
- Gives access to buyers without credit cards
- Available to buyers from most SA banks
- No risk of chargeback or default to seller
For more information on mobicred, please see their website.
Masterpass
Masterpass is a simple, convenient, trusted digital wallet from MasterCard for faster, safer shopping at online merchants.
A digital wallet makes online shopping safer and easy by storing payment information in one secure place.
Masterpass works with all major credit, cheque and debit cards and secures the users data using industry leading technology.
Benefits
- Ease of use
- Simpler checkout (reducing cart abandonment)
- Payments reflect immediately in your PayFast account
- Advanced fraud protection
PayD
In addition to credit and cheque cards, you can also accept debit card payments with PayFast and payD. Debit cards are much more prevalent in South Africa than credit cards and you’ll get access to the millions of buyers without credit cards. Transactions are final and there is no risk of chargeback to the seller.
Supported card-issuing banks:
- Standard Bank
- ABSA
- Nedbank
Supported mobile operators:
- MTN
- Vodacom
For more information on payD, kindly see their website
Other Payment Methods
PayPal
PayPal is one of the most popular online payment services worldwide. It enables the user to accept payments, pay for goods and send money without revealing their financial information.
Although PayPal is available in South Africa (through FNB) the service does not allow merchants to accept payments in Rands.
Visa Checkout
Visa Checkout is a digital payment service designed to simplify the checkout experience using a secure, single sign-on across channels and devices using a customer’s preferred payment method.
VC Pay
VCpay is a mobile application that allows the user to create and load funds to an amount-specific virtual MasterCard.
Rewards Programmes (eBucks & Discovery Miles…etc.)
These incentive programmes reward subscribers/users whenever they fulfil criteria required to earn points – for example for every R5 spent on a linked credit card the user gets 1 point. These points are then accumulated and users are then able to redeem them on retail items, airline tickets, accommodation, fuel and much more.
Over the past couple years rewards programmes have become increasingly popular among users and the resulting demand has seen more and more merchants partner with at least one of these programmes.
NFC & MST Payments (Samsung Pay, Apple Pay & Google Pay…etc.)
These are relatively new payment options and not readily available in South Africa yet. They make use of super-fast tap-to-pay mechanisms to speed up the checkout process – NFC makes use of radiowaves and MST uses magnetic fields to send encrypted payment information.
Samsung Pay and Apple Pay are currently only available on the Galaxy S6 and iPhone 6 and Google Wallet is available on any device with the app, however tap-to-pay is only available on NFC-enabled Android phones.
These payment options are relatively secure since the retailers don’t get your card details, the newer devices (Galaxy S6 & iPhone 6) also require fingerprint verification to approve payments.
Some of the downsides are that NFC payments only work with NFC-enabled registers and Samsung’s MST option, although technically available everywhere because the device just needs to be held above the magnetic stripe reader on a card machine, is frustrating because the device needs to be held in a certain way for it to work.
There are many other payment methods out there but this overview should give you a good idea of what is available now and where payment methods are heading in the not too distant future.
Choosing your Payment Gateway
Nowadays there are plenty of payment gateways to choose from and this is where things can become complicated.
Here are just a couple things to consider when choosing your payment gateway:
- Is the payment gateway supported by your chosen eCommerce platform?
- Always try to choose a payment gateway that already has a plugin for your eCommerce platform.
- You can view the eCommerce platforms that integrate with PayFast here.
- Do you have a merchant account?
- Some payment gateways (like PayFast) offer an all-in-one payment solution. Others only provide the payment gateway service and require you to have your own merchant account. Generally, if you’re starting up using a provider that offers both is the most cost effective choice.
- How do you want to take payment details from customers?
- Payment form on your site and details sent to your server – not the most secure, not cost effective and you are directly responsible for security.
- Payment form on your site and details NOT sent to your server – a compromise of sorts and although you have fewer security concerns, it is still far more than with a redirect or iFrame.
- Redirect or secure iFrame – the most secure option, but probably won’t match the look & feel of your site.
- What payment methods does the gateway offer?
- Always make sure that the payment offers at least some or all of the payment methods that you would like to use.
- Make sure that the payment methods offered are the methods most commonly used in your market.
- What are the Fees?
- Does the payment gateway charge monthly, set-up fees, fixed per-transaction fees, variable fees…etc. – this is a big one and shouldn’t be overlooked as it will directly impact your bottom-line.
- This may seem obvious, but the fees displayed will more than likely be excluding VAT (yes payment gateways pay tax too) – we get asked about this a lot!
- Is there a contract?
- Some payment gateways lock you into contracts, while others give you the freedom to use the service without the need for contracts or monthly fees. If you aren’t happy with your chosen provider would you rather be locked into a two-year contract, or would you rather have the freedom to move on as you desire?
- Do you want to use more than one payment gateway?
- A lot of shopping carts allow for the use of multiple payment gateways. This can be useful in offering additional payment options that your primary gateway may not offer, or as a backup if your primary payment gateway has any problems.
- Be aware of the fact that this is South Africa and not all payment gateways transact in Rands, this becomes an issue when you have set your base currency as Rands and the alternate payment gateway simply doesn’t support the option.
- Local vs International payment gateway?
- The major difference between local and international payment gateways is that the local service transacts in Rands, whereas the payment gateways that are based overseas transact in their respective currencies (e.g. US Dollars), even in South Africa.
- With PayFast, merchants will receive payouts into a South African bank, which is not generally the case with overseas payment providers.
- Overseas payment providers fees are higher on average than PayFasts and don’t forget about those currency conversion costs, which you don’t have to worry about with us.
- With PayFast your funds clear within 48 hours, while with overseas payment providers this process takes considerably longer (up to 21 days).
- Is the gateway reputable?
- Payment processing is serious business and it’s critical to your business, so you’ll want to pick a gateway that has a good reputation and is well known, as opposed to a one that nobody has ever heard of.
- Another thing to consider is if the gateway has had any significant breaches or security issues, especially in recent times.
- You might want to look at how the gateway treats their merchants and if there are any glaring issues there. Don’t necessarily just focus on public and social media complaints though, since those tend to be inflammatory, one-sided and often don’t take into account the gateway’s perspective…so take this information with a pinch of salt. It’s often best to speak directly to merchants using both your chosen platform and potential gateway to get the most well-rounded feedback.
- Does the payment gateway offer decent security and support?
- This is ultimately a “how long is a piece of string” question, because all reputable payment gateways offer some level of support and security, if your gateway doesn’t, then you could be in for a world of hurt down the line.
- Check to see if the payment gateway in PCI compliant and what level they are at.
- Does the payment gateway respond to support queries within a reasonable amount of time?
- How much security and support do you get when using a particular shopping cart & payment setup? Some setups mean that you will take on the security risk (as mentioned earlier), but also if the shopping cart integration was done by the shopping cart platform then support would more than likely come from the shopping cart platform as opposed to the payment gateway. In this scenario the payment gateway would only provide support relating directly to payment processing.
Payment Gateway Integration
Because eCommerce has developed so significantly over the last decade or so, setting up Payments is now easier than ever.
Don’t worry if you’re not looking to integrate with one of our existing integrated platforms or just want a simpler payment option, PayFast also provide the following integration options:
Request payment via email
Generate a ‘Payment Request’ link and send it to your customer via email directly from your PayFast account.
Quick easy solution without the need of any additional systems or websites.
HTML ‘Pay Now’ button
Paste a ‘Pay Now’ button on your website.
Add a payment button on your website – no need for any additional systems or shopping carts.
Custom integration
Do you have special requirements, a large store or a big budget? Maybe you are or have access to a developer, and would like to know how to integrate with PayFast.
Find out more about custom integration here.
But if you’re like most eCommerce merchants then you’ll more than likely be wanting to integrate your payment gateway with one of the major eCommerce platforms.
Below are some guides to help you out:
Platform integration
Integration can still be tricky and require a fair amount of work if the payment gateway hasn’t yet integrated with your chosen platform. Thankfully PayFast has already integrated with many shopping cart platforms to make setting up payments a breeze.
For the purpose of this series we’re going to show you how to integrate with the shopping carts we looked at in Part 1 of this series.
Firstly, in order to use PayFast with any of these platforms you will need to register and verify your free PayFast account.
You will also need your PayFast Merchant ID and Merchant Key.
Shopify
Log into your Shopify admin, click Settings > Payments. In the “Accept Credit Cards” section, select “PayFast” from the drop-down menu and enter your PayFast Merchant ID and Merchant Key (you can also obtain this information from the Accounts page on PayFast once logged in).
Unfortunately, sandbox (test) mode for PayFast has not yet been enabled on Shopify. This integration has, however, been tested extensively, so as long as you enter your correct Merchant ID and Merchant Key you should not have any problems. To test that everything is working correctly, you could create a low priced product, a minimum of R5.00 is required to test credit cards, make this product invisible to the public and complete a purchase in live mode, making a note of anything that needs changing or fixing along the way.
WooCommerce
Download the PayFast plugin here
Unzip and upload the plugin’s folder to your /template/ext/ directory.
Activate the extension in Plugins menu of WordPress.
Go to: WooCommerce > Settings > Payment Gateways > PayFast and enter your PayFast Merchant ID and Merchant Key.
It’s possible to test whether the PayFast payment gateway is connecting correctly before going live. To do this, place the gateway in Sandbox Mode by enabling PayFast Sandbox. This will replace your Merchant ID and Merchant Key with an ID and Key for the Merchant Sandbox testing area.
Magento
Download the PayFast plugin here.
For instructions on how to install the plugin using Magento Connect or directly from Payfast click here.
Once the PayFast plugin has been successfully installed then follow these steps to finalise the setup:
Using the main menu, navigate to System > Configuration
Using the left menu, navigate to Sales > Payment Methods
Enter the following details under the “PayFast” heading:
- Enabled = Yes
- Merchant ID = Integration page>
- Merchant Key = Integration page>
- Server = Live
- Debugging = No
Click “Save Config”
For sandbox testing info click here
PrestaShop
This will show you how to setup PrestaShop cloud, to setup the self-hosted version click here
To install the PayFast payment module, follow the instructions below:
- Download the PayFast addon from the PrestaShop addons site
- Navigate to modules in the admin dashboard of your PrestaShop cloud site
- Click on ‘Add New Module’ in the top right corner of the screen and follow the prompts
- Select the PayFast addon downloaded in step 1 for upload
- If you are not able to select a file for upload you may need to logout of the PrestaShop addons site (navigate to your profile, select ‘Preferences’ and then ‘Log out of addon account’), then repeat the installation process from step 2
- Click on the “Install” button to install the module
- Once the module is installed, click on “Configure” below the PayFast name.
- The PayFast options will then be shown, and you will see the module is ready to be tested.
- Leave everything as per default and click “Save” in order to test in sandbox mode
- To see that it is working correctly and steps to go live, click here.
Ecwid
Open your Ecwid control panel and go to System → Settings → Payment page. Locate “credit card” under Payment Methods and click “Change” link under Payment Processor column. In the drop-down box find and choose Credit Card: PayFast.
A setup window will open:
Input your Merchant ID, Merchant Key and PDT Key* – these can be found on the settings page of your PayFast account.
*The PDT is actually made use of and the input requirement should be done away with at some point.
Restrictions
Something that is often overlooked when signing up with a payment gateway are the restrictions that a gateway might have. Here is a look at some of the common restrictions:
Credit Card Limit
Per transaction card limits are put in place to protect both the payment gateway and merchant from potential fraud and other risks. You can generally request to have this limit increased and certain factors will be taken into consideration when doing so:
- Your history with the payment gateway
- The nature of your business
- The new limit required
- Where you expect transactions to be coming from
Once your limit has been increased, it is not uncommon for a retained balance to be added to your account.
Retained balance
A retained balance is a portion of funds which you will not be able to withdraw from your account until a certain period of time has passed once you close the account (eg: 90 days).
You can think of this retained balance as a security deposit, the size of which is determined by the risk associated with your account. The higher the level of risk, the higher the retained balance.
International Payments
Not all payment methods offered by your payment gateway will be available to international buyers, make sure that you are aware of what is available to them and advise potential international buyers accordingly.
Receive funds in other currencies
If your payment gateway is a South African company then they are only allowed to accept Rand as payment by law. Even if your store displays the price of an item in another currency your base currency will be in Rands.
Recurring payments
Not all payment gateways allow for receiving recurring payments. Make sure to cater for this should your chosen gateway not provide this service.
Payouts
Be sure that you know when and where your funds will be paid out to. For example, most payment gateways will only payout into local bank accounts. It’s also a good bet that your gateway won’t payout funds to a credit card.
Payouts will generally need to be requested and payments are subject to 48 – 72 hour holding periods before a payout can be requested, thereafter it could take up to 2 working days for the funds to reflect in your bank account.
Security
The fundamentals that you want to consider when it comes to security are:
How secure is the Payment gateway? (Using PayFast as a bench mark)
- PayFast is PCI level 1 compliant (the highest level)
- PayFast is developed with the same demands on security and performance as web sites used for banking services and share trading. Your account login, personal details and all money transactions are secured using Secure Socket Layer (SSL) technology with high security 256 bit encryption.
- Your sensitive financial information (like credit/debit card details) is never sent to the people/businesses you make payment to.
- We make use of 3D Secure to further enhance the security of credit card transactions on PayFast.
If your chosen payment gateway doesn’t meet these criteria then you should consider looking elsewhere.
How do I make sure that my account is as secure as possible?
- Login restrictions by hostname / IP or Country
- For added security it is possible for you to restrict your login to your account to a hostname/IP address and country. This will prevent anyone accessing your account from unauthorised locations/devices and notify you if anyone is attempting to do so – learn more.
- Two-Factor Authentication
- Two-factor authentication is a simple method of asking for something you know (your password) and something you have (your mobile phone). After you enter your email address and password, you’ll be prompted to enter a code. This code can be generated using a free iPhone/Android app called Authy, or you can have it sent to you via SMS – learn more.
- Abnormal login notifications
- The abnormal login notification sends an email to notify you if there is a login to your account from a location which is outside of your normal behaviour – learn more.
What can I do to prevent Fraud?
- Restrict Credit Cards from certain countries
- One of the easiest ways to secure yourself against online fraud is to limit receiving funds from credit cards issued in the country that your online business serves – learn more.
- Be aware of suspicious emails (phishing scams)
- Phishing scams happen when a fraudster contacts you, claiming to be a representative of PayFast or you receive fake “automated” system messages which appear as if they were sent by our system. The goal is to trick you into believing that a payment has been made to your account and getting you to deliver items you might be selling or to retrieve sensitive financial information from you. – learn more.