In dealing with e-commerce solutions over the last several weeks intensely (and the last several years in general), I have come to the conclusion that there are four different categories of e-commerce solution providers: gateways, processors, providers and promisers.
In understanding these categories, as in all projects where you have a defined goal, it is important to understand what your e-commerce goal is. Most e-commerce occurs where the vendor wants to sell something to the customer. All is good and fine, until the vendor needs to take payment. That payment can occur in lots of ways (barter, cash, gold, diamonds), but online usually takes some form of electronic payment. This is usually a credit card payment or e-payment (like PayPal), but can also be e-checks, especially since the creation of Check21 and the wider acceptance of ACH in recent years.
So you, as a vendor, have a need, once you have decided to accept payment from a customer, to accept that payment from them. You have three choices:
- Gateways: Gateways provide nothing more than a direct line to handle the nitty-gritty of credit card processing. Authorize.net is one of the more well-known, but others exist. When you use a gateway, you are saying, “I want to do everything myself, I even have the credit card merchant account, but someone has to process the payment.” Your costs are likely to be quite low, your technical requirements quite high. Unfortunately, most of the gateways are actually still quite primitive. For example, it is nearly impossible to get decent machine-readable (= automated) information about chargebacks, and when they do arrive, they often lack enough information to match them to an initial transaction that may have occurred months or longer ago. To make matters worse, they often include the original credit card number, which is unnecessary and complicated PCI-DSS compliance.
- Processors: The processors provide you with some basic services on top of the gateways. First, they may use multiple gateways, providing some reliability and redundancy for you. Second, they may do a lot of the heavy lifting to automate some processes so that you can use Internet-age technology and tools to manage payment processing. Third, they may include direct access to some of the e-payment systems, which a gateway cannot. Fourth, the processor brand may provide some level of security and comfort for your customers. Fifth, they can alleviate the PCI-DSS compliance burden in some cases, by removing the need to handle credit card data at all. Sixth, they can provide some more rapid response, for example notifying your infrastructure of payment events (authorize, capture, reject, etc.). Notable entrants in this area are PayPal, Amazon and Google.
- Promisers: The promisers promise the world. They are all in one solutions that include a cart, coupons and discounts, cross-sells, up-sells, customer reporting, you name it. They may even have a complete licensing system. They handle everything for you. They are the easiest to implement and get started with. Some examples include Kagi, esellerate and others. Many have been bought up by Digital River, which, unfortunately, has let the engineering and investment side (and certainly the user experience side) slip into well below mediocrity. The downside of any of these? You are tied in tightly. If what you want doesn’t work with them, tough luck. You may have to change your business model (as one company I recently worked with did) to suit their infrastructure rather than change your systems to meet your business model. They also make it difficult to work part-and-part, e.g. licensing from one supplier, sales from another, cart from another. Finally, their costs tend to be fairly high.
- Providers: The providers category is pretty new. They live somewhere between the Processors and Promoters. A great example is FastSpring. You manage the user experience on your site. However, when you are ready to actually sell or add to a cart, you do it on their site. They provide open URL access to the product, and many of the instant notification features of Processors, along with the price and promotion management features of the Promisers. Their costs tend to be somewhere between the Processors and Promisers. They are very quick to get up and running, especially the new Web 2.0 ones, but sometimes lack the catalog/product controls that you would get from managing it on your own (although then you would have to implement it).
Where do these rank for those looking for a commerce solution?
- If you have simple products to sell, with fairly straightforward up-sell, cross-sell and discount needs that you do not expect to grow or change – a.k.a this is either a hobby or a small business that will remain small – the Promisers will suffice. Be prepared, however, for high variable costs and great pain if you ever want to pull apart… you will likely need expert help to tease apart the components. On the upside, consultants like us love those.
- If you are doing very complex transactions, recurring transactions, and need to store your own payment data, or if you have very high volumes, you are most likely to use the gateways. Your fixed cost in maintaining them will be high, but you will have the greatest control and direct access and lowest per-transaction costs.
- If you are prepared to maintain your own storefront, or desire to do so for control purposes, but want a decent system to handle reporting and ease of access, use the Providers. I have been very impressed by FastSpring thus far, although some level of control over what products are available under what conditions would be hugely useful. Just about everyone who sells any volume has specials that only apply to certain customers under certain conditions (time, past purchases, membership in a special club, etc.). The Providers make everything available if you know the URL, and in the age of the Internet, nothing remains hidden for long. Security by obscurity is a recipe for insecurity.
- If you just have a few products to sell, and you want the lowest-cost fastest implementation, go for the Processors. PayPal as the lead, followed by Google and Amazon, have made implementing payment processing extremely easy, although the easiest to use are also easy for anyone to fool, or even set up a pirate page on a Russian server that even non-technical users can use to fool your page. As soon as you add some security and controls, it gets more complex. Kudos to PayPal for their usage of encrypted buttons to allow you to still use their “easy” product (Website Payments Standard) but provide some protection.