Payment Gateway Integration: A Business Owner's Guide

A payment gateway is the service that processes credit card transactions: - Customer enters card details - Gateway securely transmits to payment processor - Transaction approved or declined - Funds transferred to your account You never handle raw card data—the gateway manages all the security compliance (PCI DSS). This is crucial: handling payment data yourself requires extensive security measures. Always use a reputable gateway.

Stripe: - Developer-friendly with excellent documentation - Supports subscriptions, one-time payments, invoicing, connect (marketplaces) - 2.9% + 30¢ CAD per transaction in Canada - Supports 135+ currencies - Strong fraud detection built-in - Best for: Custom implementations, subscriptions, SaaS, marketplaces - Payout timing: 2-7 business days to Canadian bank accounts PayPal: - Widely recognized by consumers (increases trust) - Offers buyer protection (customer peace of mind) - Can accept PayPal balance payments (no card needed) - 2.9% + 30¢ CAD per transaction - International fees: 4.4% + fixed fee for cross-border - Best for: Consumer trust, international payments, established brand recognition - Payout timing: Instant to PayPal balance, 1-3 days to bank Square: - Integrated with point-of-sale hardware - Easy setup, very user-friendly - Good for retail + online combination - 2.9% + 30¢ online, 2.65% in-person with Square hardware - Best for: Businesses with physical and online sales, restaurants, retail - Payout timing: 1-2 business days Shopify Payments (powered by Stripe): - Integrated into Shopify platform - No transaction fees if you use it (vs 0.5-2% for external gateways) - 2.9% + 30¢ for basic Shopify plan - Best for: Shopify stores wanting to avoid double fees - Caveat: Only works within Shopify ecosystem Moneris: - Canadian company, strong in Quebec - Widely used by established Canadian businesses - Pricing varies (often higher fees, but negotiable for volume) - Best for: Traditional Canadian businesses, government contractors - More complex setup than modern options

Payment processing in Canada and Quebec has unique considerations: Interac support: - Interac is the most popular payment method in Canada (70%+ of online debit transactions) - Stripe supports Interac e-Transfer for payouts and some payments - PayPal supports Interac but charges premium fees - Dedicated Interac Online: Requires separate agreement with financial institutions - For Quebec businesses: Interac support significantly reduces cart abandonment Currency handling: - Always display prices in CAD for Canadian customers - Accept USD for international customers if you export - Payment gateways handle currency conversion but charge 1-2% premium - Consider: Fixed CAD pricing vs dynamic conversion at checkout Quebec-specific requirements: - Bill 64 (privacy law): Customer payment data must be handled securely - Receipts must include all required Quebec consumer protection information - French language support in checkout flow (legal requirement for Quebec B2C) - Quebec Sales Tax (QST) and GST calculation must be accurate Canadian banking integration: - Most gateways support Canadian bank accounts for payouts - Verify your gateway supports your specific bank (some credit unions not supported) - Payout timing: Usually 2-7 business days to Canadian accounts - Currency: Payouts in CAD avoid conversion fees Practical example: A Montreal e-commerce store selling across Canada should: - Accept Visa, Mastercard, Amex (Amex charges higher fees ~3.5%) - Display prices in CAD - Collect and remit GST/QST properly - Offer PayPal as alternative (10-15% of customers prefer it) - Consider Interac e-Transfer for high-value B2B transactions - Ensure French checkout flow for Quebec customers

Different business models require different payment approaches: One-time payments: - Simpler to implement (single transaction) - Customer pays once and done - Use cases: E-commerce, services, digital products - Implementation: Basic checkout flow, confirmation email, receipt - Refunds: Manual process, issue as needed Subscription/recurring payments: - Automatic charging at regular intervals - Requires customer consent ("vault" their payment method) - Use cases: SaaS, memberships, subscription boxes - Implementation complexity: Higher (failed payments, dunning, cancellations) - Customer management: Need subscription dashboard for users Subscription-specific features needed: - Failed payment retry logic (card expired, insufficient funds) - Email notifications (upcoming charge, failed payment, cancellation) - Prorated billing (if changing plans mid-cycle) - Grace periods and dunning (recovering failed payments) - Easy cancellation (legally required in Quebec/Canada) - Subscription management dashboard for customers Stripe Billing vs PayPal Subscriptions: - Stripe: More flexible, better developer tools, detailed analytics - PayPal: Familiar to customers, simpler for basic use cases - Both handle PCI compliance for stored cards Quebec legal requirement: Subscriptions must be easily cancellable online. You cannot require customers to call or email to cancel. Stripe and PayPal both provide customer portals for this. Pricing consideration: Failed payment rate for subscriptions is typically 5-10%. Factor this into your revenue projections. Proper dunning can recover 40-60% of failed payments.

Most gateways charge similar rates: - 2.9% + 30¢ for standard transactions (US) - Higher for international cards - Subscription billing may have additional fees - Some offer volume discounts Fees are usually non-negotiable for small businesses. They cover fraud protection, payment processing, and maintaining PCI compliance. Factor these costs into your pricing. A $10 product actually nets you about $9.40 after fees.

Disputes and chargebacks are inevitable when accepting payments. Here's how to handle them: What's a chargeback: - Customer disputes a charge with their bank - Bank reverses the transaction and investigates - You have limited time to respond (7-21 days usually) - If you lose, you pay the original amount plus $15-25 chargeback fee - Too many chargebacks can get your merchant account terminated Common dispute reasons: - "I didn't authorize this" (fraud or family member used card) - "Item not received" (delivery issues) - "Item not as described" (quality disputes) - "Duplicate charge" (technical error) - "Subscription I cancelled" (poor cancellation UX) Preventing chargebacks: - Clear billing descriptor (what appears on card statement) - Detailed product descriptions - Prompt shipping with tracking - Visible refund policy - Save all communication with customers - Keep proof of delivery - Clear subscription terms and easy cancellation Winning disputes: 1. Respond quickly (within 7 days ideal) 2. Provide evidence: order confirmation, shipping tracking, proof of delivery 3. Include customer communication showing satisfaction 4. For digital goods: IP logs, download records, usage data 5. Be professional and factual in your response Quebec context: - Quebec has strong consumer protection laws - Clear refund policies help prevent disputes - Document everything for B2C transactions - For subscription services: proof of clear disclosure and easy cancellation is critical Stripe vs PayPal dispute handling: - Stripe: Better dashboard, easier evidence submission, detailed tracking - PayPal: Historically more buyer-friendly (harder for merchants to win) - Both provide fraud detection to reduce fraudulent transactions Benchmark: Healthy chargeback rate is under 0.5%. Above 1% indicates problems with product quality, fulfillment, or fraud prevention. Practical tip: Many disputes can be resolved before they become chargebacks. Respond quickly to customer complaints and offer refunds when appropriate. A $50 refund is better than a $50 chargeback plus $20 fee plus risk to your merchant account.

Quebec businesses selling internationally need to consider: Currency conversion: - Accept payments in customer's local currency (increases conversions by 15-20%) - Stripe supports 135+ currencies with automatic conversion - PayPal supports 25+ currencies - Display prices in local currency (USD for Americans, EUR for Europeans) - Conversion fees: 1-2% on top of standard transaction fees Cross-border fees: - Standard: 2.9% + 30¢ - International cards: Add 1-1.5% cross-border fee - Currency conversion: Add 1-2% - Total international fees: ~4.5-5.5% plus fixed fee Shipping and taxes: - Calculate accurate international shipping at checkout - Be clear about customs/duties (customer usually pays) - VAT/GST/sales tax: Research requirements for countries you sell to - EU: May need VAT registration if selling to EU customers - US: May need to collect state sales tax depending on volume Payment methods by region: - North America: Credit cards, PayPal - Europe: Credit cards, PayPal, SEPA transfers, iDEAL (Netherlands) - Asia: Alipay, WeChat Pay (if targeting China) - Latin America: OXXO, Boleto (local payment methods) Fraud considerations: - International transactions have 3-5x higher fraud rates - Use Stripe Radar or PayPal fraud protection - Require CVV verification - Use address verification (AVS) where available - Be cautious with large first-time international orders Example: Montreal software company selling to US customers: - Display prices in USD (use Stripe to handle conversion) - Accept major credit cards + PayPal - Total fees: ~3.4% (2.9% + 0.5% currency conversion) + 30¢ - No shipping concerns (digital product) - Minimal fraud risk (subscription model with free trial) - Consider: US tax obligations if revenue exceeds thresholds For serious international business: Consider Stripe Atlas (helps with US entity setup) or local payment processing in major markets.

Integration ranges from simple to complex: Simplest: Payment links - Stripe, PayPal, Square all offer hosted payment pages - You send customers to their checkout - No custom development needed - Works but less polished Medium: Embedded checkout - Checkout happens on your site via embedded iframe - Better user experience - Minimal custom code required - Good balance for most businesses Most complex: Custom API integration - Full control over payment experience - Requires significant development - Best for unique workflows - Necessary for marketplaces and complex needs

Avoid these mistakes that plague payment integrations: Pitfall 1: Not handling webhooks properly - Webhooks notify your server of payment events - Must be handled asynchronously and reliably - Common issue: Webhook fails, subscription activates but your system doesn't know - Solution: Implement retry logic, verify webhook signatures, test thoroughly Pitfall 2: Storing sensitive card data - NEVER store full card numbers, CVV, or expiration dates in your database - PCI compliance violations can result in massive fines - Solution: Use payment gateway's tokenization (they store the card, you store a token) Pitfall 3: Poor error handling - Cards get declined for many reasons (insufficient funds, fraud detection, expired) - Generic "payment failed" messages frustrate customers - Solution: Display specific error messages, offer alternatives (try different card, contact bank) Pitfall 4: Not testing edge cases - Test more than successful payments - Test: declined cards, expired cards, insufficient funds, 3D Secure authentication - Test: webhooks firing multiple times (idempotency) - Test: subscriptions with failed renewal payments Pitfall 5: Ignoring mobile experience - 60%+ of transactions happen on mobile - Apple Pay and Google Pay increase mobile conversion by 20-30% - Solution: Implement mobile-optimized checkout, support digital wallets Pitfall 6: Unclear billing descriptors - What appears on customer's credit card statement - Unclear descriptors lead to chargebacks (customer doesn't recognize charge) - Solution: Use clear business name, include contact info, keep it under 22 characters Pitfall 7: No fraud prevention - Accepting all payments leads to high fraud rates - Chargebacks and fraud cost 2-3x the transaction amount - Solution: Use Stripe Radar, require CVV, use address verification, watch for red flags Pitfall 8: Complicated checkout flow - Every extra step loses 10-20% of customers - Requiring account creation before checkout kills conversions - Solution: Guest checkout, minimal fields, clear progress indicators Quebec-specific pitfall: English-only checkout - Legally required to offer French for Quebec B2C businesses - Also significantly improves conversion for French-speaking customers - Solution: Fully translated checkout flow, error messages, receipts

Payment gateways handle most security, but you're still responsible for: - Using HTTPS everywhere - Not storing card data - Properly handling customer data - Following the gateway's integration guidelines Using hosted checkout (Stripe Checkout, PayPal Standard) reduces your compliance burden—the gateway handles the card data entirely. For custom integrations, you'll need to complete PCI compliance questionnaires. Stripe and others provide guidance.

Before accepting real payments: 1. Use test mode with fake card numbers 2. Test successful payments 3. Test declined cards 4. Test refunds and disputes 5. Verify webhooks work correctly 6. Test on mobile devices Once testing is complete: 1. Switch to live API keys 2. Complete business verification 3. Set up bank account for payouts 4. Monitor first transactions closely Start with small test transactions before announcing payment acceptance to your full audience.