Digital Transactions Authoritative, insightful and timely information for payments professionals
Lauri Giesen
The big retail growth is online and in mobile commerce, but ISOs looking to crack this market must be willing to clear some high technological and operational hurdles.
During times of overall sluggish retail sales and low profit margins on basic payment services, many independent sales organizations might be tempted to seek out newer, higher-growth markets. One such market is electronic commerce, which continues to grow at a healthy clip and is now racking up about $200 billion a year in sales. Even greater growth awaits if mobile commerce fulfills its much-ballyhooed potential.
But getting into this lucrative market may be more difficult than it seems. Traditionally, most ISOs are used to hunting down new stores, shipping them secure point-of-sale terminals, hooking them up to a sponsor bank and the payment card networks, and then watching the fees roll in. Companies that take this approach are likely to be stymied by the newer world of online sales.
Relationships with dozens if not hundreds of affinity groups, software companies, Web hosts, customer call centers, and shopping-cart developers may be required to serve the desired customer base. And while compliance with the Payment Card Industry data-security standard (PCI) is required of all card-accepting merchants, online retailers’ security needs are often even more exacting. Finally, there are all sorts of other technical issues required to make sure operations run smoothly and customers are served properly.
“The online business requires a totally different sales approach than the traditional sales approach ISOs have taken,” says Rick Oglesby, a senior analyst for Boston-based Aite Group LLC. “There are a lot more technological components to be dealt with.”
The Right Incentives
The first issue is identifying online retailers as prospective customers. While traditional ISOs may hit the strip malls and Main Streets in their targeted geographic regions or find trade lists of businesses in niche markets they have already identified, ISOs specializing in online commerce often have a harder time finding clients who want to start e-commerce businesses.
Aside from locating existing small e-retailers and trying to convince them to move their payments businesses, some online ISOs try to identify people who have the potential to start selling on the Web. One place to find them, Oglesby says, is on eBay Inc.’s massive online auction site.
“You can look on eBay for people who are selling stuff who are likely to graduate to their own Web site. They currently may not be big enough to accept payments on their own but they may be ready to move to that level soon,” he says.
Other ISOs use common Web-based methods to promote their services, such as online ads and pay-for-click services.
“We use a variety of e-commerce promotions, such as pay for click, advertising on select Web sites, and promoting our services in magazines that serve the industries our merchants are in,” says Scott Miller, chief executive of PayLeap, a Warsaw, Ind.-based gateway provider and merchant processor recently acquired by online PIN-debit technology provider Acculynk Inc.
Ultimately, one of the best sources of new business is from Internet partners that refer merchants they are working with to an ISO for the payment component. Miller says structuring partnership agreements with the right incentives is critical to success.
While many agreements allow for one-time financial incentives for business referrals, PayLeap has taken it to a new level by continuing the reward incentives on a monthly basis after the deal is signed.
“You have to have incentives that allow both partners to share jointly in the customer’s success. It has to be a two-way street so our partners want to refer business to us and want the deal to be successful,” Miller says.
No Phone Calls
Forming partnerships with tech companies also is key for ISOs that want to serve online retailers. Common partnerships include Web-hosting companies, shopping-cart providers, integration-service providers, and gateway services, Oglesby says.
Not only do these companies provide potential merchant contacts to the ISOs, but they also provide components of a total services package ISOs need to represent to retailers.
Lowell, Mass.-based Litle & Co., for example, works with 160 different technology partners that enable the merchant processor to serve online firms. Partners include on-boarding companies, order-management firms, call centers, fulfillment companies, and electronic shopping-cart providers, says Jason Pavona, executive vice president of marketing and sales.
Litle works with what it calls middle-market online firms, typically with sales of more than $5 million, providing everything from consumer goods to conferences and specialty services.
ISOs working in the online world need not only to be able to integrate software from partners, but they also need to develop many of their own applications.
“In e-commerce, we have to be more creative in developing technological solutions than other ISOs that can sell other companies’ technology,” says Rick Noble, chief executive of North Kansas City, Mo.-based BCC Merchant Solutions, parent company of the ISO BankCard Central.
For example, Noble notes that e-commerce customers often need their payment data integrated with other databases, such as accounting or inventory. A payments company that can help with that chore has a leg up on getting the business.
Additionally, many e-commerce companies are following a model similar to that of Amazon.com Inc., where they handle the sales and payments functions for partner retail companies. In those cases, a lot of information from multiple retailers has to be integrated by the payments provider.
“We’re working on two projects now involving complex integration solutions,” Noble says. “We have to develop the tools that make our merchants suppliers so that they can provide a multiple of content from a bunch of franchise operations. That is complex in dealing with such issues as to how do they get control of the vendors supplying them? How do they coordinate the advertising campaigns?”
PayLeap has developed a platform that allows retailers to go to a secure Web site to find out how their business is doing. Merchants can learn their shopping-cart abandonment rates, approval rates, and other metrics, with a full analysis of their sales. This requires little direct interaction with PayLeap.
“Our merchants don’t want to talk to people,” says Miller. “The trend toward human interaction is going out. But merchants can still find out how their business is doing without making a phone call.”
‘Strike a Balance’
Security also is a huge issue for ISOs in the online world.
“These companies need to focus heavier on security technology than other payments companies that are mostly reselling VeriFone [point-of-sale] devices,” says Oglesby.
While PCI requirements technically are the same for all ISOs, meeting these requirements may be much more complicated for ISOs dealing with online retailers.
“In the brick-and-mortar world, the security is largely taking secure terminals out of the box,” Oglesby says. “That is not the case with e-commerce. There are so many other components that need to be integrated with sales that can affect security. For most ISOs, the key is finding partners that have the skills that can deal with all the potential risks associated with each component and making sure the entire system is secure.”
When working with online retailers, it is critical to gather and retain as much information about their customers as possible to reduce fraud. Since the customer is not there in person, having a lot of information about each one helps prevent fraud when they type in their card numbers.
“There is a lot more risk when the card is not present,” says Litle’s Pavona.
Complicating matters are retailers’ concerns about rejecting risky transactions, which could end up costing good sales.
“You have to strike a balance between keeping the marketing people happy and the IT people happy,” says Pavona.
Litle has dealt with the issue in part by adopting a token product that eliminates the risk of critical information being intercepted during processing and also eliminates the risk for the merchant of storing payment data. The retailer only sees a proxy number while the real, sensitive data are stored off site in a controlled environment.
PayLeap will be introducing in the next three to six months an enhanced fraud-detection tool to help online and mobile retailers gain even more control over security, Miller says.
Noble adds that in cases of aggregating sales and handling transactions for partners, the complexity of protecting customer data and overseeing fraud control becomes more intense than it is when securing just one retailer’s payments. He notes, however, that when it comes to PCI, ISOs working in the online world had a leg up on other ISOs from the beginning.
“We began working 10 years ago on many of the procedures required by PCI today,” he says. “Ten years ago online merchants had a great opportunity for data breaches, but that is not the case any more. E-commerce companies have been working harder on data security and we know what to look for.”
‘Technology Driven’
Beyond technology and security, online ISOs must address other issues.
“Many online retailers want to sell internationally, so you have to deal with multiple currencies, added security risks, and additional legal issues associated with taking orders and shipping overseas,” says Oglesby.
In selling internationally, greater knowledge of foreign payment cards is required.
“Globally there are many different payment cards and you have to know what countries your customers want to sell in and make sure you give the capability to sell to customers using the cards from those regions,” says Pavona.
The international market is quite alluring for some ISOs, especially for those that not only want to enable their U.S. merchants to sell overseas but also want to work with foreign businesses.
“The international market is an area where online merchants, particularly startups, need better tools for payments. Historically, merchants located outside the U.S. have lacked viable options or sophisticated technology for online payments, making it difficult for startups to get their businesses off the ground,” says a spokesperson for Braintree Payments Solutions LLC, a Chicago-based ISO specializing in e-commerce.
In August, Braintree began offering the same services it offers in the U.S. to merchants in the United Kingdom, Europe, and Canada.
And for some ISOs, the key to online success is finding a niche in which they can specialize.
“Payments is so price-sensitive. We knew we had to be more than that. We saw a niche that needed filling—online registrations,” says Joe Garza, a long-time industry executive who today is vice president of payments for Chicago-based SignMeUp Inc.
SignMeUp specializes in registering participants in racing events—marathons, biking events, and the like. It is a complex business that can have up to 40,000 registrants per event, and all the registrations have to be sorted by age groups, time categories, and such things as T-shirt size.
“We have to be technology-driven,” says Garza. “We have to manage all the components of the registration, the registration itself, payment, security, and data management.”
The latter may be the most important component.
“The data provided in a transaction is as important as the transaction itself. We have to leverage that data so that we can provide important information to our customers,” Garza says.
SignMeUp has partnerships with running associations and major stores that sponsor races. And while race sponsors have been SignMeUp’s niche, the firm is looking to expand into other merchant categories, most likely not-for-profit organizations, Garza says.
The Challenge of Mobile
As complex as serving online retailers may be for ISOs today, the next few years may be even more challenging with the advent of mobile technology. The ability to enable customers not only to shop from their PC but also from their mobile phone holds a lot of potential for online retailers and the ISOs servicing them.
Pavona notes that some of Litle’s merchants are finding that as many as 10% to 15% of their transactions already are coming from smart phones or tablet computers.
“We expect continued growth and we have to look at what value-added services we can add as merchants see more mobile transactions,” Pavona says.
Others also are seeing considerable mobile potential. Braintree says it is processing $1 billion in mobile payments annually for some of the fastest-growing mobile-app deployers, such as LivingSocial, Fab.com, and Uber. It offers a single-click checkout that appeals to consumers and increases the conversion rate for merchants.
SignMeUp also has entered the mobile-commerce world with its SignMeUp Plus offering, a multichannel approach to race registrations. With it, customers who walk into runner-supply and clothing stores and see information about upcoming races can register for them on the spot from their mobile device.
But while m-commerce can be lucrative, it also presents additional challenges.
“This is clearly an even larger data-security concern,” says BankCard Central’s Noble. “You have no control over the device that is initiating the transaction. Whenever the customer enters their own transactions, there [are] always more opportunities for fraud.”
New tools for fraud fighting include tracking systems that show the mobile device’s location, Nobel says. For example, if a fraudster supposedly is using a smart phone to buy an item in a particular store, the system could show that the individual is not even anywhere near that store.
Clearly, processing for online merchants is a complex challenge for ISOs. But those that prove competent at it will have the tail winds from transaction growth at their backs.
