Contact our Team


Confirm your details, and one of our friendly local team will get in contact to discuss your requirements.

Gateway Performance


29 November 2017

Victoria Galloway

7 minute read

Is your payment gateway doing enough?

After you’ve integrated a payment gateway and shopping cart to your eCommerce store it might feel like your payment gateway can largely be left to its own resources and to do its own thing: ticking along happily in the background of your business operations, processing your transactions and authorising customer card details. But it’s not enough.

Cut to three years into the future.

Your business has grown and so has the number of people transacting on your site. Unfortunately, one thing that hasn’t changed for the better is your payment gateway which is still ticking along but not aiding business growth.

A gateway that doesn’t keep pace with your growing business or its evolving needs could really take the wind out of your sales.

But how do you know that your payment gateway integration is agile and powerful enough to meet your business’ needs now and for the future? There’s no simple answer to that question as a great payment system is a mix of many characteristics - payment options, card security, anti-fraud tools, integration and performance.

Read on to know whether your payment gateway is up to scratch!

Payment gateway features you cannot compromise on

When you are evaluating your payment gateway, no single feature can be a winner. But there are some features that are more important than the others:

  • Speed wins customers: Making payments happen swiftly is a priority. Shoppers have an increasingly low tolerance for delays when they’re paying online.
  • Sophistication matters: Features that will save your business time include disbursements, batch payments and refunds that work to create a more sophisticated shopping and customer experience.
  • Putting the power in buyers’ hands: Merchants need to be able to accept payments through their app. So that’s why, as a standard, your gateway should be able to integrate with a flexible mobile SDK solution for both iOS and Android.

A payment gateway that promotes growth lets you tap into more than 100 payment collection options online. They could include digital wallets, for example. Here’s a list of local payment options in the Asia-Pacific region.

While we’re on it: Did you know that Bambora accepts Apple Pay, Android Pay, Visa Checkout and MasterPass as well as UnionPay?

Know the payment card security standards

You’d know that when one of your customers keys in their credit card details into your site to notch a sale for you, it’s not just a money exchange. Throw into the mix personal data and other sensitive info they’re handing you. That’s a huge responsibility for you.

It’s critical, then, that your site complies with the Payment Card Industry Data Security Standard (PCI DSS). It sets out how organisations must collect, store, process and transmit cardholder data safely to stop fraud in its tracks.

No matter which channel you use to accept credit card payments, you need to be PCI compliant. Just to spell it out, the PCI standards cover the following types of customer data, but aren’t limited to only these:

  1. Shopping carts and payment apps
  2. Card readers
  3. Point-of-sale systems
  4. Wireless access routers
  5. Systems that store or transmit payment card data
  6. Paper-based records such receipts

Compliance hurdles you'll need to clear

Don’t assume your anti-fraud tools and software will keep your payment channels and methods clean either. Depending on how many payments you process a year affects the number of PCI compliance hurdles you have to clear.

As well, your compliance scope changes when your businesses uses different payment touchpoints.

You’re right if you’re thinking we’re not talking about a blanket standard here. It’s not one size fits all. For example, Level 1 merchants - those who process more than six million transaction a year regardless of acceptance channel - must pass quarterly network scans and submit an annual compliance report amongst other much more technical requirements.

Perhaps your business is more within the ambit of Level 2 (one million to six million transactions yearly), Level 3 (20,000 to 1 million) or Level 4 merchants (less than 20,000 transactions but also includes all companies that process a million Visa transactions a year).

Merchants at levels 2, 3 and 4 do a PCI DSS Self-Assessment Questionnaire each year and may need to have a quarterly network security scan, too.

Still got questions about PCI compliance?

Bambora can help with our PCI-compliant Level 1 payment gateway. Our job is to make it easy for companies in Australia and New Zealand to protect the data your valuable customers hand you. That protection covers off the latest and best industry standards. Level 1 security is the best you can get. We go into more detail here.

Extra tools to tackle fraud

Check if your payment provider offers extra ways to tackle fraud, such as Velocity checks, 3D Secure and Card Verification Values (CVV).

  • Velocity checks keep tabs on how many times customer data occurs within a specific interval
  • 3D Secure requires a cardholder give a password before making a payment
  • CVV confirms the customer holds that card and the info tallies with the credit/debit card company’s records.

Another way of securing your payments data is through tokenisation: the functionality securely encrypts card data through tokenised transactions. That means it converts the transaction in a long, unique string of characters that has no actual meaning or value but represents the original piece of data. Tokenisation is widely regarded as a brilliant anti-fraud system because if hackers manage to intercept your tokenised customer card data they can’t do anything with it - it’s meaningless.

Too small to be cyber crime victim?

Not so! Small businesses are just as affected by online fraud as the larger businesses. And the effects can be more devastating on a personal level.

Large businesses with bigger budgets are just as vulnerable but in different ways. They’re more likely to offer customers more ways to pay across mobile, app, web and tablet. We’ve seen Target Stores, eBay and the PlayStation Network where millions of customers had their personal details snaffled by cybercriminals.

And we’ve just heard from The New York Times that Uber drivers’ and riders’ accounts have been hacked – 64 million of them – and this happened last year.

Do nothing and you risk your brand being damaged, only being able to accept cash payments and at worse, hefty fines from both payment card companies and your bank. That’s precisely why relying on a state-of-the-art payment gateway is key to staying a step ahead of the cybercriminals.

Here’s an interesting read about online fraud to give you more context.

Don’t risk downtime or poor performance on your site

Can your payment gateway process secure credit card authorisations in a few seconds?

Cash flow is king, so if you can shrink the time it takes for the money to hit your account, that’s ideal. Don’t be one of the businesses that leaves money on the table due to a poor checkout experience. This’ll most likely lead to leaks in your sales funnel.

It’s not too hard to rise against your competition in Australia. We as a nation had the highest checkout abandonment rate in the world in Q2, 2016, according to a report by SalesCycle, a behavioural marketing solutions company. That’s pretty high.

Behind the scenes, Bambora has developer teams continuing to test and fine tune our system as well as keeping abreast of emerging trends in eCommerce. That’s what helps us ensure our payment gateway works quickly, efficiently and securely, encouraging your customers to do repeat purchases.

Integration, more important than you think

Another factor in speed and performance is integration.

You’d want to ensure your payment gateway can seamlessly integrate with top shopping carts like Magento and Woocommerce as well as offer a great Checkout solution.

You could have specific integration needs beyond that, too, such as fraud protection tools, your existing financial data management or invoicing software even your customer relationship management system. Maybe you’ve got a bricks-and-mortar store as well as do business online – no problem, you’ll just need a separate merchant account for each.

The bottomline is, the more power your gateway has to integrate, the less headaches and more time you’ll have to deliver a service your customers can expect.

Scalable payment solutions for your business

As your business expands, does the idea of switching to a different payment system feel right for you? Get our insights into the online marketplace and how our high performance and powerful payment gateway will keep you ahead of the curve - now and in the future.

Just talk to us and we’ll advise you on the best solution for your business.

About the author

Victoria Galloway is Bambora APAC's Technical Copywriter, and has been writing and producing in the payments and eCommerce space for a number of years, both in the UK and Australia.