Taking credit card payments
The challenge
Taking credit card payments from your customers is not trivial. This page gives a summary of the issues. The payment gateway providers listed on this page are integrated within TourCMS to varying degrees. Where fully integrated this means you are able to get using the system with the minimum of hassle (but not no hassle!)
The basics
There are 4 layers within your credit card system:
- Bank account
- Internet permitted merchant account (not necesarily supplied by your bank, but generally so)
- Payment gateway (e.g. Payment Express, InternetKasse etc)
- TourCMS booking software
- Your merchant account works in conjunction with your payment gateway (not all do)
- Your payment gateway works with your booking software (not all do!)
If any one of the links in the chain isn't compatible then you have a problem.
PayPal users do not require a payment gateway nor a merchant account. PayPal acts as both those layers and glues your booking software with your bank account directly. Not all countries support PayPal and the % fees can be much higher than a merchant account / payment gateway combination.
Choosing a merchant account
Check if you are restricted in your choice of merchant account based on your trade association membership. For example TTA members in the UK tend to use Streamline as their merchant account.
UK travel companies struggling to get their bank to give permission for a merchant account should consider joining or insuring with one of these organisations:
- IPP London - Insurance scheme
- TOPP from Travel & General - Insurance scheme
- Travel Trust Association - Clients account system
- AITO Trust from AITO (Association of Independent Tour Operators)
Alternatively, talk to Trust My Travel, who can provide a merchant account style service for local tour operators
Further discussion regarding merchant accounts can be found on our ecommerce forums Small Fish Big Ocean.
A reason why travel companies can struggle finding a merchant account is that there is a delay between the customer paying for their travel and the delivery of the service. Sometimes this can be 6-12 months in advance, 18 months is not uncommon. This exposes the banks to risks for far longer than a conventional ecommerce transaction where it is purchased and delivered within a short timeframe.
Choosing your payment gateway
Your payment gateway choice will generally be impacted by your booking software you are using. As the payment gateway acts as the glue between your merchant account and the booking software you need to ensure they are directly compatible.
The key commercial decision will be whether the gateway has a low monthly fee plus a per transaction fee or whether they have a large monthly fee but include many transactions. If you are running an annual event with a peak booking month then the low monthly fee schedule will probably work out best.
PCI compliance
The PCI standards are a set of standards that define how you must look after credit card details. If you have a merchant account you will have signed and agreed that you will comply with their standards.
TourCMS never holds any of your customers' credit card data and we only work with payment gateways with hosted payment page solutions.
Examples of non-compliant credit card handling behaviour:
- Asking your customer to send you their credit card details via email (in most cases)
- Taking credit card details from your customer and sending them insecurely to your supplier for direct charging
- Storing a consumers credit card details when they pay their deposit and using those card details for the balance payment
- Storing a consumers credit card details within notes within TourCMS
Please take your own advice re PCI compliance and how it should be applied in your country.
The challenge then comes with how you undertake a balance payment from a customer as you are not permitted to store the card details between when they paid their deposit and you charge the balance. (The same issue occurs if you wish to take another payment from the customer subsequent to their initial purchase, perhaps for an upgrade or additional sale)
One way is to send your customer an email with a link and when the customer clicks on that link and they can make their payment. This works very well however the onus is on the customer to act (and they may "forget" to or may not see it at the same priority as you do!)
The alternative is to do what we call credit card token based billing. When the customer makes their first transaction a token (like a code or reference number) is passed to TourCMS. This is stored against the customer record. If you wish to bill the customer a second time (e.g. for a balance payment or an upgrade) you can, via your payment gateway and TourCMS, put a charge on that card - without either having to store the card details nor with the customer having to take any action. i.e. the payment gateway stores the credit card details on your behalf but you still remain PCI compliant! Not all payment gateways support this style.
NOTE that the CCV credit card number is not stored during token based billing. Hence it is not sent to your merchant provider when you request a payment from a customer's card. This can mean that you pay an additional % charge (over and above your negotiated merchant fee) for unsecured transactions. To avoid this request the customer supply their card details again at time of balance payment.
Point of Sale (POS) Integration
Within TourCMS you can setup a second payment gateway per channel.
This is so you can have a payment gateway configuration for card holder present / POS transactions - separate from how you take payments online (made by customers and travel agents)
One payment gateway in particular, Authorize.net, require a different configuration for POS transactions (where credit card track data has been read as a result of the card being present) vs web based transactions
If you are not sure about how to configure TourCMS, leave the POS payment gateway setting to be the same as your web / ecommerce payment gateway setting
For hardware based high volume POS integrations (e.g. for day tour operators or attractions), talk to DataTrax and/or Palisis who both integrate with TourCMS
Credit card fees
Generally there is a move AWAY from charging credit card surcharges. The following is guidance from Visa / MasterCard:
The Merchant is permitted to charge a fee (such as a bona fide commission, postage, expedited service or convenience fees) if the fee is imposed on all like transactions regardless of the form of payment. Therefore the Merchant is obliged to present his prices to consumers as full prices (unless he offers general discount) and is not allowed to add any kind of value to his prices in case the consumer decides to pay with a payment card. The Merchant may not require a minimum or maximum transaction amount to accept a valid MasterCard or VISA card.
TourCMS does support credit card fees but we do not support a different fee for a credit card vs a debit card. Learn more about credit card fees
Specific technical questions for you to investigate
Languages for hosted pages
Customers will be adding their card details using a payment page hosted by the payment gateway. Not all gateways support all languages.
How to take balance payments
Does TourCMS work with the payment gateway using tokens? Alternatively, is there a web interface for reporting where you can also add a charge to a credit card, independent of TourCMS?
Does the payment gateway give you a virtual terminal facility?
e.g. If you have the customer's card, can you charge it directly?
Can it handle multi currency?
e.g. For Barclaycard you have to have a second merchant account to handle a second currency. A non-primary currency merchant account may have significantly higher fees (although this can be got around by using a second bank account in your non-primary currency)
How are refunds handled?
Can you do them? What are the rules etc? Can you do a partial refund or can you only refund the entire original transaction?
AUTH transactions
An AUTH transaction is when you check a card for validity and that there are available funds on the credit card. For example you may want to take (then store) a customers card details during the upfront online booking process - but charge the card subsequently. This can be very helpful for tailor made tours where the final price isn't known at point of initial booking. Some systems only permit the original authorised value to be charged subsequently. Others, like Payment Express, permit you to charge any value subsequently (on a stored card).