More efficient and secure payment processing technologies have brought about changes to online shopping. Creating a shopping experience that is more convenient, streamlined and safe.

The increased use of electronic payments provides businesses the opportunity to minimize the costs and inefficiencies associated with the acceptance of outdated payment methods.

With the development of online payment processing, payments can be accepted anywhere. As payment systems on the Internet become more common, older payment methods are being replaced. Many customers prefer and expect to be able to pay for items online, which makes an online payment system an important feature for businesses to have.

These payment processing features have been developed to enable financial transactions to be completed with more speed, efficiency and security.

Mobile payment systems

Mobile payments

One common factor that affects online payments is mobile devices. Smartphones play a vital role in payment processing for many customers. In fact about 57% of shoppers in the United States used a mobile device to find out more information about a product or service.

Mobile payments have become one of the standard methods used to process payments online and offline. Customers use mobile devices to complete a number of transactions. Such as using a smartphone or a tablet to complete purchases. There have been a number of new trends in mobile payments which includes digital wallets and voice payments.

Digital wallets

A digital wallet refers to an electronic device, online service, or software program that allows one party to make electronic transactions with another party by trading digital currency units for goods and services. This can include purchasing items on-line with a computer or using a smartphone to purchase something at a store. Money can be deposited in the digital wallet prior to making any transactions or an individual's bank account can be linked to the digital wallet.

Advantages for eCommerce websites

Upwards of 25% of online shoppers abandon their order due to frustration when filling out forms. The digital wallet resolves this problem by giving customers the option to transfer their information easily and securely. This simplified approach to completing transactions results in better usability and a better experience for the customer.

Digital Wallets can also increase the security of the transaction since the wallet typically does not pass payment card details to the website (a unique transaction identifier or token is shared instead). This feature is a common approach of online payment gateways.

Digital wallets help to reduce PCI Compliance burden and cost Prior to 2008, PCI DSS Compliance was considered a “best practice” for businesses accepting payments online. Today, it’s a requirement. So what is it? The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of rules and regulations established by the credit card companies to ensure merchants are securely processing their customers’ payments. The PCI Standard is mandated by the credit card brands but administered by the Payment Card Industry Security Standards Council.

All merchants have been required to certify PCI Compliance for quite some time. In the past, enforcement of it (especially for small businesses) has been lax. However, the Card Issuers (Visa/MasterCard, American Express, Discover) have started imposing fines on those that do not enforce PCI Compliance requirements; so enforcement is becoming a much greater priority.

Contactless payments

In order to make payment transactions more efficient and secure, financial institutions have developed contactless cards. These are cards that are used with the same near field communication technology as mobile wallets.

Contactless payment systems are credit cards and debit cards, key fobs, smart cards, or other devices, including smartphones and mobile devices, that use radio-frequency identification (RFID) or near field communication (NFC) for making secure payments. E.g. Samsung, Amazon, Apple, Google Pay, or mobile applications that support contactless payments. The embedded integrated circuit chip and antenna enable customers wave their card, fob, or handheld device over a reader at the point of sale terminal. Contactless payments are made in close physical proximity, unlike mobile payments which use broad-area cellular or WiFi networks.

Some suppliers claim that contactless transactions can be almost twice as fast as a conventional cash, credit, or debit card purchase. Because no signature or PIN verification is typically required, contactless purchases are typically limited to small value sales.

Contactless cards are easy to use. A customer just needs to tap a payment terminal while placing their card within about 4 inches (10.16 cm) of it to complete a transaction.

In June 2017, it was reported in UK media that purchases made by contactless cards surpassed those made by cash for the first time. This has been driven by the rise in contactless payments, which account for approximately one-third of all card transactions in the UK.

Recent statements by Visa and other US card issuers indicate that they will increase the availability of contactless cards to US consumers in the near future. Visa estimated there will be 300 million contactless cards issued in the US by the end of 2020.

EMV Payment Cards

EMV originally stood for Europay, Mastercard, and Visa, the three companies that created the standard. EMV is a common standard used by major credit card and smartphone companies for use in general commerce.

EMV cards are smart cards, also called chip cards, which store their data on integrated circuit chips, in addition to magnetic stripes for backward compatibility.

Two major benefits to using smart-card-based credit card payment systems are: improved security, and the potential for finer control of “offline” credit-card transaction approvals.

After widespread identity theft due to weak security in the point-of-sale terminals at Target, Home Depot, and other major retailers, Visa, Mastercard and Discover in March 2012 – and American Express in June 2012 – announced their EMV migration plans for the United States. Since the announcement, multiple banks and card issuers have announced cards with EMV chip-and-signature technology, including American Express, Bank of America, Citibank, Wells Fargo, JPMorgan Chase, U.S. Bank, and several credit unions.

EMV chip card transactions improve security against fraud compared to magnetic stripe card transactions that rely on the holder's signature and visual inspection of the card to check for features such as hologram. The use of a PIN and cryptographic algorithms such as Triple DES, RSA and SHA provide authentication of the card to the processing terminal and the card issuer's host system. The processing time is comparable to online transactions, in which communications delay accounts for the majority of the time, while cryptographic operations at the terminal take comparatively little time.

While chip card transactions may take a bit longer than magnetic stripe transactions, total card processing time will vary between merchants and eventually speed up as the new payment environment is improved.

ISO/IEC 7816-3 defines the transmission protocol between chip cards and readers. Using this protocol, data is exchanged in application protocol data units (APDUs). This comprises sending a command to a card, the card processing it, and sending a response. EMV uses the following commands:

  • application block
  • application unblock
  • card block
  • external authenticate (7816-4)
  • generate application cryptogram
  • get data (7816-4)
  • get processing options
  • internal authenticate (7816-4)
  • PIN change / unblock
  • read record (7816-4)
  • select (7816-4)
  • verify (7816-4).

Commands followed by “7816-4” are defined in ISO/IEC 7816-4 and are inter-industry commands used for many chip card applications such as GSM SIM cards.

An EMV transaction has the following steps:

  • Application selection
  • Initiate application processing
  • Read application data
  • Processing restrictions
  • Offline data authentication
  • Certificates
  • Cardholder verification
  • Terminal risk management
  • Terminal action analysis
  • First card action analysis
  • Online transaction authorization (only carried out if required by the result of the previous steps; mandatory in ATMs)
  • Second card action analysis
  • Issuer script processing

Since version 4.0, the official EMV standard documents which define all the components in an EMV payment system are published as four “books” and some additional documents:

  • Book 1: Application Independent ICC to Terminal Interface Requirements
  • Book 2: Security and Key Management
  • Book 3: Application Specification
  • Book 4: Cardholder, Attendant, and Acquirer Interface Requirements
  • Common Payment Application Specification
  • EMV Card Personalization Specification

EMV cards can also support contactless card reading, also known as near field communication. Instead of dipping or swiping, NFC-equipped cards are tapped against a terminal scanner that can pick up the card data from the embedded computer chip.

NFC (Near field communication)

NFC devices can be used in contactless payment systems, similar to those used in credit cards and electronic ticket smart cards and allow mobile payments to replace/supplement these systems.

NFC is a set of communication protocols for communication between two electronic devices over a distance of 1 1/2 inches (3.81 cm) or less.

Near-field communication (NFC) describes a technology which can be used for contactless exchange of data over short distances. Two NFC-capable devices are connected via a point-to-point contact over a distance of 0 to 2 cm. This connection can be used to exchange data (such as process data and maintenance and service information) between the devices. This interface can be used for parameterization of the component as well.

NFC-enabled portable devices can be provided with application software, for example, to read electronic tags or make payments when connected to an NFC-compliant apparatus. Earlier close-range communication used technology that was proprietary to the manufacturer for applications such as stock tickets, access control and payment readers.

Voice payments

Voice recognition technology has become more common in everyday life. With the development of voice recognition and artificial intelligence, customers are able to complete financial transactions with voice payments.

Virtual assistants, whether on our smartphones such as Apple's Siri, Google Assistant or in our smart home speakers such as Amazon's Alexa, have entered customers’ lives with the hope that they will improve them.

More than 18 million US customers have made a voice payment.

The volume of voice-based spending is set to grow twenty-fold over the next few years due to the rapid consumer adoption of home-based smart speakers, the expansion of smart homes and the growing integration of voice-based virtual assistants into automobiles.

Google, Apple and Amazon Major companies such as Google, Apple and Amazon have been the leaders at offering online payments. Options such as Google and Apple Pay have allowed customers to take full advantage of the benefits of making payments on the internet.

Amazon envisions paying with your palm

Amazon’s retail team introduced a biometric device that will allow shoppers to pay at Amazon Go stores using their palm. The “contactless” Amazon One, is a scanner where you first insert your credit card, then hover your palm over the device to associate your palm signature with your payment mechanism. Once your card is on file, you’ll be able to enter the store in the future just by holding your palm above the Amazon One device for a second or so.

Payment security

Many businesses are looking to provide better solutions for completing transactions online. Security is critical to protect their customers’ information. Features such as multi factor authentication and biometrics increase security for making payments online. Many customers prefer to use biometrics in order to complete transactions. This will become a more common way to complete online transactions in the future. Businesses will continue to use encryption and fraud detection in order to provide more security for customers.

Biometric authentication

Biometric authentication methods allows customers to use fingerprint ID and facial recognition in order to complete transactions. Some experts believe that by 2021, over 18 billion transactions will be completed through biometric authentication. Companies such as Apple and Samsung already use fingerprint authentication. Some platforms aren’t as secure but the technology is more reliable and less expensive than other options. Since a lot of fraudulent transactions and breaches of security take place, using biometric authentication helps to improve the security of online payments and transactions.

Payment Processing Software Development

How to choose the right development partner. Questions to ask:

  • Are they experienced?
  • Have they implemented these technologies before?
  • Who will oversee my project?
  • Will they share my vision and how will I communicate it to the developers?
  • Can we scale the resources to match the scope of my project?

About Nexus Software Systems

Founded in 1985, Nexus Software Systems is a global provider of payment processing software development. Nexus Software Systems’ specialized technology and industry experts serve startups, small to medium-sized businesses, and Fortune 500 companies with an unparalleled software delivery model suited to their needs.

Contact us to learn more about enhancing your payment processing system with features that will improve conversions and create a shopping experience that is more convenient, streamlined and safe.