Taking Payments Via Your Web Site & PCI Compliance


Your website checkout process enables you to offer a choice of payments when people are ready to pay for their order. All payments are taken on the payment processor / gateway sites who have to comply with PCI Compliance because they are capturing credit / debit card details. Because REC does not take capture those details on your site, so you do not need PCI Compliance for your site. We leave that level of technical compliance to large, expert organisations.


Payment Methods & Integrated Payment Processors & Gateways


REC integrates with the following payment processors / gateways:


Paypal 
This is a commonly used and trusted payment processor and we recommend you use Paypal as one of your payment choices at least. Allows users to pay using their Paypal account or via a credit / debit card for a certain number of times.
Paypal Express This method speeds up the registration and buying process by allowing Paypal users to pull in their address details directly from their Paypal account. Set up instructions here
Sage Pay
Sage Pay is recommended as a UK payment choice because it is well-known, trusted and low cost.
Cardsave
Cardsave, now owned by WorldPay, is a good alternative to Sage Pay for sites with larger monthly sales revenues in the £10,000’s per month as you can normally negotiate cheaper rates from them.
Authorize.net This is a leading US payment processor which integrates with US banks. Not available for the UK.
ePDQ This is Barclays online solution for accepting cards over the internet.


REC also allows "Cash On Delivery" and "Pay By Invoice" options. 


Payment Processors & Gateways Explained


Paypal & Google Checkout are payment processors . You have to set up a business account with them, which is validated by taking a small payment from your business bank account (just a few pence) and then getting you to confirm that amount. Paypal lets people pay using their Paypal accounts or via a credit / debit card up to 10 times per user, classing them as a "guest". If they go over the limit they are required to create a Paypal account.


Payment gateways integrate with the UK's leading banks, taking payments directly via credit / debit cards and processing them through the credit card network into your business bank account. Via an acquiring bank, you set up a merchant account, which is a type of bank account which lets you take credit / debit cards (technically its a line of credit rather than a bank account). When someone pays via credit / debit card funds are exchanged between the issuing bank (i.e. the bank that issued the credit card to the consumer) and the acquiring bank and then the funds are passed to your business bank account after a period of time.


Because merchant accounts are different to bank accounts, you can either sign up to one via your normal bank who normally provide "merchant services" or a separate merchant services provider. It is worth looking at the rates on offer from the payment gateway providers who also offer merchant accounts. Once your sales grow, you can save a reasonable amount on fees this way. 


Important Note: When you talk to banks and merchant services providers, they will try to sell you their payment gateway. Please decline this. We only support the gateways listed above, who integrate into all the major banks already.


SSL Certificates


SSL certificates can be issued for a web site which then create a visible padlock during checkout that visitors can see so they know their personal details are encrypted when sent over the web. We advise all ecommerce sites to install an SSL certificate, which are renewed annually typically. It is easiest if we provide the SSL purchase and installation for you due to its technical nature. Remember that PCI Compliance is covered via the payment processor / gateway to ensure encryption of the buyer's credit / debit card information.