Accept credit cards on your website

Introducing a new generation low cost method to safely and easily accept online credit card payments from your website or shopping cart without any on-going payment gateway transaction fees or charges.

Australia's most affordable internet credit card payment gateway, e-Path, delivers a uniquely easy and secure system engineered from the ground up to comply with, and in some areas exceed, the security standards and requirements of the Payment Card Industry Data Security Standards (PCI DSS).

e-Path also complies with CDU (Critical Data Unplugged), a new initiative born from Police and law enforcement advice the world over on how to achieve the ultimate security for critically sensitive data in respect to the increasing risks and vulnerabilities of the internet. The initiative advances the ultimate security ideal for protecting all forms of critical data in the internet connected world.

With e-Path there are...

A new and less costly way to accept online credit card payments

e-Path is a manual credit card payment gateway that provides the complete secure PCI DSS compliant front-end environment (unique and exclusive to each gateway client) that enables your customers to safely make a credit card payment charge authorisation to you from the internet. e-Path is the secure 'gateway', in the true meaning of the word, between your customer and you.

Being a manual payment gateway means that when someone makes a payment, credit card details are entered by the business owner into their merchant account facility to process the charge on the card, just like when receiving credit card payments from over the phone, by fax machine, via postal mail order or if someone pays by credit card in person.

e-Path is a low cost super secure method to accept credit cards online where you will uniquely have full control over what is accepted and charged into your own private merchant account. No more risking things with blind transactions being performed straight away online without you knowing about it.

So, if you are looking for a method to accept credit cards online via a CDU and PCI DSS compliant service and like the idea of saving a considerable amount of money then you are reading the right website!

A new era in e-Commerce security .... finally!

Although our low fixed yearly price and the absence of all ongoing gateway fees and charges is powering our appeal, it is in fact in the area of security where you as the business owner will benefit the most.

e-Path removes much of the core vulnerability and risks that have plagued the online e-commerce industry and burdened online businesses with excessive costs ever since e-commerce began. This bold initiative to re-engineer the system from scratch has resulted in not only a less costly alternative method to accept credit card payments online but also one that delivers greatly improved levels of security and protection for all parties involved in the process.

With e-Path everyone benefits, you as the online business owner, your online cardholder customers, your merchant account facility provider and even the card vendors themselves. This is what e-Path is all about.

In a nutshell, here is exactly what using e-Path and manual offline processing of credit card payments received online from the internet can mean for ...

The Business Owner

The Cardholder

Banks (merchant accts)

Credit Card Vendors

	This is the ideal servcie for any business owner who may not want their system to automatically and blindly accept online orders from anonymous individuals and charge credit cards 'live' on the open internet without them knowing about it - like what happens with typical 'real time' payment gateways. With e-Path the online business owner finally is in control over what orders are accepted and what credit cards are charged into their own private merchant account. A much less expensive system to begin with. No gateway transaction fees and e-Path is one of the all time most affordable credit card payment gateways. Easy to connect to. No special programs or server side configurations needed. No costly SSL or dedicated IP address needed for your website. Your gateway will be fully protected by THAWTE SSL provided by e-Path. No PCI DSS compliance certification needed for your website because your website doesn't touch credit card data. Your secure e-Path gateway is PCI DSS compliant which means you will be accepting credit cards online in accordance with PCI requirements. Your merchant account is completely removed from the vulnerabilities of the open internet. Gone are the days when anyone anywhere can transact a stolen credit card 'live' into your merchant account without you knowing then you have to wear the cost of the loss down the track. That insane risk ends with e-Path. If you have an existing EFTPOS terminal approved to allow card not present transactions to be entered (MOTO enabled), then you may not need another merchant account at all. e-Path delivers the critical security and control that is completely missing from when you have a credit card payment processing gateway performing 'live' transactions in real time on the open internet - which is the number 1 way online credit card fraud is perpetrated in the world today. With e-Path criminals will NOT be able to instantly transact fraudulent payments live and instantly into your merchant account on the net without you knowing. Despite the best efforts from within the industry the actual root cause of roughly between 85% to 90% (quite possible more) of all credit card theft can be traced back to credit card details being compromised (hacked into, copied, stolen, etc.) when stored within internet accessible storage devices, databases, systems and networks. Even with this undeniable risk the practice of storing critically sensitive credit card and identity data has become common place today, real time payment processing gateways and online shopping carts are examples. So serious is this risk to the security of sensitive credit card and personal identity information that many hundreds of millions of dollars are spent each and every year in the relentless pursuit to protect this highly confidential data from hackers, cyber criminals and internet crooks. The PCI DSS itself was born from a critical need to help counter this very vulnerability (amongst others). Ever evolving techniques and methods invented by unscrupulously individuals and criminal syndicates means the battle to defend against these threats is an ongoing one, hour after hour, day after day. It is a worrying fact that current defences are not always capable of protecting your credit card details .... More than 100 million credit cards may have been compromised in data breach Visa confirms another payment processor breach Credit card breach exposes 40 million accounts 40M credit cards hacked 40 million credit cards exposed However, with e-Path this utmost serious vulnerability, which is the core root cause of the majority of credit card and identity theft in the world today, has been terminated. It no longer exists. e-Path has been engineered to eliminate the need for credit card details, transaction information and highly sensitive identity details to be permanently stored by the payment gateway once and for all. Once the offical bank approved merchant account owner is in receipt of their customers credit card charge authorisation, as far as e-Path and the internet is concerned it is as if that online payment never occurred in the first place. Nothing is permanently stored by e-Path on the internet. No names, no card numbers, no transaction history, no expiry dates. Nothing. Therefore, e-Path terminates the core reason why credit card details and other forms of highly sensitive data potentially become available to 'hackers', 'fraudsters' and 'cyber criminals' on the internet in the very first instance .... They can't thieve something that doesn't exist! This extreme and ultimate form of security is known as CDU (Critical Data Unplugged). The CDU initiative has its origins with Police services around the globe and directly stems from advice to the general public and business communities on how to safeguard critical sensitive data from threat within the internet connected world. When a bank provides a business owner with a manual merchant account facility to enable that business owner to charge credit card payments received online through e-Path, the banks exposure to direct risk can be greatly reduced than when compared to if it were supplying an internet based merchant account facility connected up to a third party 'real time' payment processing type gateway. While card not present transactions remain the highest risk transaction type of all, the fact is a manual merchant account will never allow anonymous online individuals to directly and automatically transact a stolen credit card live into it, the ability of which is the number one reason why fraud is so easily perpetrated anonymously online today. With the current third party 'real time' processing gateway/internet based merchant account system anyone anywhere can anonymously enter any credit card they like online for it to be communicated live directly with the merchant account of a business owner without the business owner even knowing. It can be well argued that the third party 'real time' gateway processing system's actual design has inadvertently created the perfect made-to-measure tool for 'fraudsters' and 'cyber criminals' to facilitate their illegal activities on the internet in the first place. To counter this, anti-fraud screening services such as 3-D Secure™, Verified By Visa™, Master Card Secure Code™ etc., can be deployed to defend against this open vulnerability. Each are highly potent and powerful automated fraud screening systems that are continually being improved upon. But circumstances need to be right for them to be effective. There is a crippling multi billion dollar world fraud cost (and growing) each year that is hard evidence the automated fraud screening systems are not providing unequivocal and guaranteed 100% protection for the online business owner against falling victim to fraudsters instantly transacting stolen credit cards into a live 'real time' gateway and thus directly into the merchant account of the online business owner. However, when e-Path is the gateway, for the first time banks can now provide a manual merchant account service to transact credit cards received online where only the legitimate bank approved merchant account owner is the only one performing the charge into the merchant account. The merchant account facility is not being left open and accessible to the entire population on the internet and will not allow anonymous individuals to transact any credit card they like into it live on the net straight away without you knowing anything about it - that appalling vulnerability, which is the actual way near almost all online credit card fraud is perpetrated in the world today, is completely eliminated when a manual merchant account is used. Fraudsters and cyber criminals suddenly no longer have the means to anonymously transact stolen credit cards 'live' on the net and get the live transaction response they look for. This wide open door is shut permanently closed when e-Path is the gateway and a manual merchant account is the merchant account facility. Therefore, overall exposure to direct risk for both the business owner and the merchant account provider (usually a bank) is greatly reduced. The end result of this is not only substantial potential cost savings for both the online business owner and the bank itself but also they both have effectively eliminated the very vehicle that enables instant online credit card fraud to be perpetrated in the first place. The bank will also be aware that with a manual merchant account the business owner now has the opportunity to check highly pertinent details about the buyer and order prior to deciding to charge the card. This means the business owner has the chance to identify and terminate any fraudulent payment attempts prior to them doing any harm - again, something that is not possible when accepting credit cards online 'live' on the net via a third party 'real time' processing gateway system connected to an internet only based merchant account facility. The fact that banks can now supply merchant account facilities that will only allow approved merchant account owner access to charge credit cards as opposed to allowing full and open anonymous access from anyone anywhere on the entire internet represents a benchmark achievement in terminating the number one main method used by fraudsters and cyber criminals to actually perpetrate fraud online in the fist instance. We of course can not speak on behalf of card vendor companies, but the fact they can now supply their credit card product to consumers to engage in online e-commerce knowing their product will no longer be permanently stored by the payment gateway or in internet connected databases, shopping carts, storage device or networks, we assume, must be considered as an extremely tangible positive. Of all the resent security breaches involving credit card payment processors, if we take into consideration just the one where 40 million credit card were compromised, then the cost to actual card vendors just to physically replace those credit cards would be around 400 million dollars. It is reported that it costs card vendors roughly around $10.00 to physically replace a stolen credit card with a new one. Think about that for a moment ... that equates to a 400 million dollar cost just only on replacing the stolen credit cards alone, not even taking into account the cost of the losses to businesses all over the world that only this one breach resulted in. Yet, had e-Path been the credit card payment gateway not a single credit card would have been permanently stored anywhere online in the first place, therefore, not a single credit card could have possibly been stolen. You can't thieve something that doesn't exist. We do not want to infer or imply card vendors have a particular attitude or view towards the new e-Path service one way of the other, however, we can safely assume there would have been some serious 'back patting' going on had they been saved from having to spend 400 million dollars, not to mention the incalculable cost that also could have been saved that was incurred by every business around the world that supplied products or services purchased with those stolen credit cards.

Use your existing EFTPOS terminal to save even more money!

For those with an existing EFTPOS terminal that is already approved to allow manual card not present transaction processing (MOTO/MST enabled), then to start accepting credit card payments from your website or shopping cart you will only need e-Path, nothing else.

To ensure you remain compliant with your banks merchant account usage requirements, the EFTPOS terminal must be approved to allow you to process in to it card not present/non face to face credit card payments made to you.

Utilisng an existing EFTPOS terminal to charge received payments negates the need for another costly internet based merchant account facility all together!

A new merchant account

For those without an existing MOTO or MST enabled merchant account facility, then you will need to obtain one from a bank.

There are many types of merchant accounts with the most popular being the manual merchant account (MOTO or MST) which will only cost in the area of $30.00 per year plus the usual range of bank fees and charges that can differ from bank to bank.

These manual merchant account facilities give you a secure bank hosted page to go to (just like internet banking) that enables you to enter in your customers credit cards to charge them. They are excellent solutions because you can then receive credit card payments via numerous card not present ways, such as if someone was to pay you over the phone, by fax machine, or send you a completed mail order form as well as of course ad hoc from the internet.

The massive advantage that these manual merchant account facilities offer is they absolutely guarantee you remain totally in control of what credit cards are charged into your own merchant account facility - no more blind e-commerce transaction processed 'live' and instantly on the open internet by anonymous individuals and into your account without you knowing - which is the exact method responsible for nearly the entirity of online credit card fraud in the world today - this can NOT happen when you have e-Path and a manual merchant account!!

To learn more about merchant account requirements, see: Merchant Accounts Requirements