Taking Payments Via Your Web Site & PCI Compliance


Your website checkout process enables you to offer a choice of payments when people are ready to pay for their order. 


All payments are taken on the payment processor / gateway sites who must have PCI Compliance because they are capturing credit / debit card details, rather than REC+ which does not capture, handle or store credit card details on your website. When completing your PCI Compliance forms you will need to confirm compliance with the payment processor / gateway providers and your own internal IT team / provider regarding computer and network access to your chosen payment systems.


Payment Methods & Integrated Payment Processors & Gateways


REC integrates with the following payment processors / gateways:


PayPal
This is a commonly used and trusted payment processor and we recommend you use PayPal as one of your payment choices at least. Allows users to pay using their PayPal account or via a credit / debit card for a certain number of times. DEPRECATED: use PayPal express instead.
PayPal ExpressThis method speeds up the registration and buying process by allowing PayPal users to pull in their address details directly from their PayPal account. Set up instructions here
Sage Pay
Sage Pay is recommended as a UK payment choice because it is well-known, trusted and low cost.
Set up instructions here.
Stripe
Stripe lets you take card payments plus to pay via Apple Pay and G Pay.
Set up instructions here.
KlarnaKlarna Checkout allows you to offer payments by instalments, useful for larger value items.
Set up instructions here
Authorize.netThis is a leading US payment processor which integrates with US banks. Not available for the UK.
Set up instructions here.
ePDQThis is Barclays online solution for accepting cards over the internet. 
Set up instructions here.
PayzonePayzone is an established UK business offering personalised rates and short term contracts. 


REC also allows "Cash On Delivery" and "Pay By Invoice" options. 


Payment Processors & Gateways Explained


Paypal & Google Checkout are payment processors . You have to set up a business account with them, which is validated by taking a small payment from your business bank account (just a few pence) and then getting you to confirm that amount. Paypal lets people pay using their Paypal accounts or via a credit / debit card up to 10 times per user, classing them as a "guest". If they go over the limit they are required to create a Paypal account.


Payment gateways integrate with the UK's leading banks, taking payments directly via credit / debit cards and processing them through the credit card network into your business bank account. Via an acquiring bank, you set up a merchant account, which is a type of bank account which lets you take credit / debit cards (technically its a line of credit rather than a bank account). When someone pays via credit / debit card funds are exchanged between the issuing bank (i.e. the bank that issued the credit card to the consumer) and the acquiring bank and then the funds are passed to your business bank account after a period of time.


Because merchant accounts are different to bank accounts, you can either sign up to one via your normal bank who normally provide "merchant services" or a separate merchant services provider. It is worth looking at the rates on offer from the payment gateway providers who also offer merchant accounts. Once your sales grow, you can save a reasonable amount on fees this way. 


Important Note: When you talk to banks and merchant services providers, they will try to sell you their payment gateway. Please decline this. We only support the gateways listed above, who integrate into all the major banks already.


SSL Certificates


SSL certificates can be issued for a web site which then create a visible padlock during checkout that visitors can see so they know their personal details are encrypted when sent over the web. We advise all ecommerce sites to install an SSL certificate, which are renewed annually typically. It is easiest if we provide the SSL purchase and installation for you due to its technical nature. Remember that PCI Compliance is covered via the payment processor / gateway to ensure encryption of the buyer's credit / debit card information.


Stripe