On the face of it, eCommerce has all the hallmarks of magic, especially for small to medium-sized businesses.
Imagine: You’re out to lunch with a circle of friends. One of them gets a ping on their cellphone for a brand they follow online, letting them know an item on their wish list is now available. Click. The item is in the cart. Click. The item’s paid for, with the card on file — and on its way to the doorstep to be delivered the next day.
Sara Craven, general manager of Visa’s Authorize.net and Verifi, told Karen Webster that, indeed, the seamlessness of eCommerce may seem like a bit of alchemy, leading to a happy consumer and merchant’s improved fortunes.
When things work, Craven said, “it all feels very natural.”
But what goes on under the hood — and behind the scenes — is complex, involving a broad range of players.
Craven’s detailing of what happens after the consumer makes the leap into an actual transaction came as the first installment of PYMNTS’ “Road to Revenue” series — offering small and medium-sized businesses (SMBs) a look at what happens in the chain of actions and interactions once a customer hits the “buy” button.
No matter the transaction, no matter the merchant storefront or platform, a few key fundamentals apply and are worth spotlighting.
It’s critical to ascertain that a customer is authorized to use credentials through a robust authentication process. Accounts must be verified, ensuring that card account numbers are legitimate and that there are sufficient funds in place to satisfy the payment obligations.
There are three main steps involved, Craven noted.
During authorization, the customer clicks the “buy” button on an eCommerce website or pays at a point-of-sale (POS) terminal. The payment gateway, like Authorize.net. manages the process of checking that payers have enough money to pay for the goods or services.
Second, during the capture stage, the issuer either approves or declines the transaction and places a hold on the money.
And during step three, settlement, the money is transferred from the customer’s account to the merchant account.
But before and as the money flows, there are some key boxes that need to be checked. The merchant wants to make sure that someone who is presenting credentials is indeed who they say they are — that the authorized user has sent legitimate credentials to the merchant. The transaction itself is held for milliseconds as payments are sent to processors and the processors make sure that consumers are not spending money that they do not have.
In the digital age, of course, fraud remains an evergreen concern. Craven noted that Authorize.net’s Advanced Fraud Detection Suite (AFDS) allows stakeholders to set rules to prevent fraud based on their customer bases — even for the smallest merchants. AFDS lets merchants set up as many as 13 fraud filters, such as minimum transaction thresholds and payment velocity or country limits.
“Different merchants have different requirements on what they want to accept,” said Craven, who added that Authorize.net facilitates payments between acquirers and merchants as the latter “look for what makes the most sense, while creating rules based on whether they are selling physical or digital goods.”
Tokenization and AFDS, she said, help protect and securitize the credentials surrounding the customer as merchants tighten and relax rules as they see fit. Craven added that “more information is being aggregated and collated about consumers to help merchants make good decisions.” Tokens also have the advantage, Craven said, of allowing streamlined recurring purchases through continuous re-authentication.
As she told Webster in offering up her own take on the optimal commerce experience, “You don’t want to turn away good transactions — and finding the balance between authorizing the ‘good stuff’ and walking away from the transactions that may have some risk is really important … and the merchants don’t have to be payments experts.”