Online payment processing is the infrastructure that allows ecommerce businesses to accept payments from customers who aren’t physically present. Unlike in-person transactions where the card is swiped or tapped, online payments are “card-not-present” (CNP), which comes with different technology requirements, different fraud risk, and different regulatory obligations.
How Online Payment Processing Differs from In-Person
| Dimension | In-Person (Card Present) | Online (Card Not Present) |
|---|---|---|
| Fraud risk | Lower (card is physically verified) | Higher (no physical verification) |
| Interchange rate | Lower (1.5%–2.0% typical) | Higher (1.8%–2.5% typical) |
| Authentication | Chip + PIN or signature | 3DS, CVV, AVS, device fingerprint |
| Chargeback risk | Lower | Higher (no physical evidence of card presence) |
| PCI scope | Varies by terminal type | SAQ A–D depending on integration |
What You Need to Accept Online Payments
A Payment Gateway
The technology that securely collects your customer’s card details and routes them to the processor. For WooCommerce, this is typically a plugin that integrates with your checkout.
A Payment Processor / Merchant Account
The company that routes your transactions to card networks and settling banks, and ultimately deposits funds to your business bank account.
SSL Certificate
All pages where customers provide personal information must be served over HTTPS. This is both a PCI requirement and a trust signal to customers.
Fraud Prevention
Online payments have higher fraud rates than in-person. You need: CVV verification, AVS, 3DS authentication for high-risk transactions, and machine learning fraud scoring.
Payment Methods to Support Online
- Credit cards (Visa, Mastercard, Amex): Required. The primary payment method for most online purchases.
- Apple Pay: Growing rapidly. One-tap checkout on iPhone/Mac — significantly reduces mobile abandonment. 5.8x fewer chargebacks (ConvesioPay Q1 2026 data).
- Google Pay: Equivalent to Apple Pay for Android/Chrome users.
- BNPL (Klarna, Afterpay, Affirm): Worth adding for average orders above $75 in relevant categories.
- Local payment methods: Required if you have significant traffic from specific international markets.
PCI Compliance for Online Merchants
PCI DSS compliance is mandatory for any business accepting card payments. For online merchants using a gateway that handles card data in an iframe (not your server), the compliance scope is minimal, typically SAQ A, with 22 requirements. Choosing a gateway with an embedded iframe checkout (like ConvesioPay’s WooCommerce widget) is the simplest path to minimal PCI scope.
ConvesioPay for Online Merchants
ConvesioPay is purpose-built for online WooCommerce commerce: embedded checkout widget (SAQ A PCI scope), Apple Pay and Google Pay, smart 3DS, RevenueProtect fraud management, real-time analytics, and Adyen’s institutional acquiring infrastructure. Everything an online merchant needs in a single WooCommerce plugin. Flat rate: 2.9% + $0.30, no monthly fees.
Ready to get started? Learn more about ConvesioPay or view pricing.