home > support > credit cards

Taking credit card payments

The challenge

Taking credit card payments from your customers is not trivial. This page gives a summary of the issues. The payment gateway providers listed on this page are integrated within TourCMS to varying degrees. Where fully integrated this means you are able to get using the system with the minimum of hassle (but not no hassle!)

The basics

There are 4 layers within your credit card system:

The key points to check are that:

If any one of the links in the chain isn't compatible then you have a problem.

PayPal users do not require a payment gateway nor a merchant account. PayPal acts as both those layers and glues your booking software with your bank account directly. Not all countries support PayPal and the % fees can be much higher than a merchant account / payment gateway combination.

Choosing a merchant account

Check if you are restricted in your choice of merchant account based on your trade association membership. For example TTA members in the UK tend to use Streamline as their merchant account.

UK travel companies struggling to get their bank to give permission for a merchant account should consider joining or insuring with one of these organisations:

Further discussion regarding merchant accounts can be found on our ecommerce forums Small Fish Big Ocean.

A reason why travel companies can struggle finding a merchant account is that there is a delay between the customer paying for their travel and the delivery of the service. Sometimes this can be 6-12 months in advance, 18 months is not uncommon. This exposes the banks to risks for far longer than a conventional ecommerce transaction where it is purchased and delivered within a short timeframe.

Choosing your payment gateway

Your payment gateway choice will generally be impacted by your booking software you are using. As the payment gateway acts as the glue between your merchant account and the booking software you need to ensure they are directly compatible.

The key commercial decision will be whether the gateway has a low monthly fee plus a per transaction fee or whether they have a large monthly fee but include many transactions. If you are running an annual event with a peak booking month then the low monthly fee schedule will probably work out best.

PCI compliance

The PCI standards are a set of standards that define how you must look after credit card details. If you have a merchant account you will have signed and agreed that you will comply with their standards.

TourCMS never holds any of your customers' credit card data and we only work with payment gateways with hosted payment page solutions.

Examples of non-compliant credit card handling behaviour:

Please take your own advice re PCI compliance and how it should be applied in your country.

The challenge then comes with how you undertake a balance payment from a customer as you are not permitted to store the card details between when they paid their deposit and you charge the balance. (The same issue occurs if you wish to upgrade the customer subsequent to their initial purchase)

With PayPal you can send your customer an email with a link and when the customer clicks on that link they are taken to the PayPal site and make their payment. i.e. it requires the customer to act.

The alternative is to do what we call credit card billing ID based billing. When the customer makes their first transaction a billing ID (like a code or reference number) is passed to TourCMS. This is stored against the customer record. If you wish to bill the customer a second time (e.g. for a balance payment or an upgrade) you can, via your payment gateway and TourCMS, put a charge on that card - without either having to store the card details nor with the customer having to take any action. i.e. the payment gateway stores the credit card details on your behalf but you still remain PCI compliant!

NOTE that the CCV credit card number is not stored during billing ID based billing. Hence it is not sent to your merchant provider when you request a payment from a customer's card. This can mean that you pay an additional % charge (over and above your negotiated merchant fee) for unsecured transactions. To avoid this request the customer supply their card details again at time of balance payment.

Specific technical questions for you to investigate

Languages for hosted pages

Customers will be adding their card details using a payment page hosted by the payment gateway. Not all gateways support all languages.

How to take balance payments

Does TourCMS work with the payment gateway using billing ID codes? Alternatively, is there a web interface for reporting where you can also add a charge to a credit card, independent of TourCMS?

Does the payment gateway give you a virtual terminal facility?

e.g. If you have the customer's card, can you charge it directly?

Can it handle multi currency?

e.g. For Barclaycard you have to have a second merchant account to handle a second currency. A non-primary currency merchant account may have significantly higher fees (although this can be got around by using a second bank account in your non-primary currency)

How are refunds handled?

Can you do them? What are the rules etc? Can you do a partial refund or can you only refund the entire original transaction?

AUTH transactions

An AUTH transaction is when you check a card for validity and that there are available funds on the credit card. For example you may want to take (then store) a customers card details during the upfront online booking process - but charge the card subsequently. This can be very helpful for tailor made tours where the final price isn't known at point of initial booking. Some systems only permit the original authorised value to be charged subsequently. Others, like Payment Express, permit you to charge any value subsequently (on a stored card).



More Information

© 2003-2010 Travel UCD Limited. All rights reserved. TourCMS® is a registered trademark of Travel UCD Limited, United Kingdom. View Privacy policy.