I develop a web-based shopping cart that uses Authorize.net as the
The app is not for my usage but for my future clients (similar to
Shopify but real stores, not virtual).
The problem is that I pay Authorize 4 cents per transaction just for
using their gateway.
I want to bypass Authorize and connect directly to the payment
(I know that there are at least 7 payment processors in the US)
Since each of my clients uses different processor I assume
that I need to write code to access each one of them.
I called paymentech (one of the processors) and they
have APIs(Orbital gateway).
Does any one try to connect directly and can provide some useful
Do all of the payment processors have APIs?
Here is a great diagram that explain the complex flow of
what happend after you swipe the Credit Card in a store:
Hey Oren, I have worked on several applications that deal with payment processing. Thus, if would like to bypass this fee and incur other fees, then you can create a merchant account via a bank. Also, there are more than 7 payment processors in the US. For example. Authorize.net has established a merchant account with some bank and they are leasing it out to you for 4 cents per transaction. Now, the bank will be using another company that’s the direct link to the credit card company. Thus, we have the follow:
You -> Authorize.net -> Merchant’s Bank -> Payment Processor -> Credit Card company
Next, the payment processor will probably only do business banks and not individuals. Thus, in most cases, you’ll need to establish a merchant account with a bank. Then the bank takes the ball from there. Next, you can consider Authorize.net as a gateway because it acts as a proxy for processing payments online through their merchant account. Finally, I would research getting a merchant account versus using a payment gateway (
i.e. Authoirize.net) for what you’re trying to do.
Paymentech is actually one of the smaller players in comparison to the
two big guys, which are Firstdata and Tsys (Visanet). The number of
banks that support either Firstdata or Vital is around 95% in the US,
so get them and you pretty much have it covered. I wouldn't even
worry about the rest it's not cost effective.
Efsnet is Firstdata's new gateway into all of their backend systems,
and it's free and easy to implement. Tsys has an api that will cost
you $100 to sign up as a partner (and sign an nda) to get access to.
It's more involved.
In the end it's not worth the hassle trying to do what you want. Not
for $.04 per transaction.
Chances are good that you will get classified as a payment gateway or
software provider and be required to go through yearly audits, which
start at around $10,000 per year. Merchant banks are now asking most
merchants what software/payment gateway they are using (as it's up to
the bank to enforce PCI), and if you aren't on the list guess what,
they can't use your system.
This is some good reading for how it all works. Note how broad the
definition of 'payment gateway' and 'service provider' are. There is
a reason for that:)
Conrad and Chris, Thank you for your thorough responses.
Chris, Let me see if I understand you correctly. Your advise is to
forget trying to become an ISO and be certified through V/MC (thus
paying $5,000 -10,000 yearly). Instead just concentrate on connecting
with the First data and Vital's API gateway (which will bypass
I understand that First Data has an API which they can provide me with
for $100.00 but what about Vital? Do they also have an API gateway?
From my research many years ago, not all processors provide you with
an API gateway or SSL Gateway. Is this true?
Right now, that's what I have to do to register a new customer with
1. Customer signs up with us.
2. Customer uses Bank of America Merchant Services.
3. I set them up with Authorize.net (we are a reseller and pay $15
per each set up and .04 per transaction).
4. Authorize.net gives me an API username, API password, and API
5. I incorporate this information into our software and now the
client can begin making sales using our software/machine.
If I'll get rid of Auth.net I will not only save the 4 cents but maybe
my customer will be able to connect to my system
without me doing it for him!
I hope this clarifies my issue.
Element Express (www.elementexpress.com) through Element Payment
Services offers an XML/SOAP API that allows you to cut out the middle-
men like Authorize.net to get away from gateway fees and support
nightmares. If you are concerned about PCI compliancy costs, they
also provide a service that securely stores your cardholder
information and provides a reference pointer to access the data for
future payments. That removes much of the liability from the merchant
and/or vendor, and Element is listed as a PCI-compliant Service
Provider on Visa's web site. With V/MC getting more and more involved
in ensuring software solution compliancy, it might be worth taking a
look at them.