Being able to process recurring payments against the customer’s credit or debit card is a vital tool for some merchants. It is particularly useful for transactions such as annual renewals, for instance of insurance policies; for monthly magazine subscriptions; and ongoing charges such as mobile phone bills.
Termed a Continuous Payment Authority (CPA), it is the equivalent of the direct debit service provided by banks. However there are significant differences; direct debits are covered by the bank direct debit guarantee scheme, which refunds the client automatically in case of error. In the case of a CPA, the agreement is between the merchant and the client rather than between the client and the bank. The client may cancel a CPA directly by contacting the merchant, or they can cancel it directly with the bank.
Do All Merchant Accounts Handle Direct Debits?
No – not all merchant accounts can process recurring payments. If you need the facility to take recurring payments, then you need to select a payment gateway that will allow you to do so.
Even if you have a merchant account that is able to process recurring card payments, you still need to obtain a CPA, which is a contract between your acquirer and the credit card issuing banks. As this theoretically grants the merchant the authority to charge the customer’s credit card without specific permission at any time and for any amount, there is a significant element of risk.
Thus merchant account providers will only grant a CPA to trusted merchants with a proven history. It can be very difficult for start-ups to obtain such a facility.
UK Providers That Provide Recurring Payment Card Processing
In order to use recurring payment card processing, you will need to store the credit card details of your customers. This means that you will need to comply with PCI DSS security standards in order to take recurrent payments through payment gateways. However, there are alternative solutions. Some providers facilitate recurring payments by securely storing credit card details and interfacing with payment gateways, which means that the merchant does not directly access these details.
SagePay is a trusted payment gateway that offers recurring payments at no additional charge to the merchant. However to use the service it is necessary to obtain a continuous authority merchant account.
With the facility to take recurring payments and reasonable processing charges, Stripe provides an elegant and simple solution. There are no setup charges and there is no need for a separate merchant account.
Braintreeprovides an easy set-up route to taking recurring payments. It will store customer credit card details in a secure vault and handle each billing cycle automatically. Thus merchant CPI compliance requirements are minimised.
One of the first payment processors, WorldPay has gone from strength to strength. You will need a separate merchant account and PCI compliance in order to take recurring payments.
PayPal (Website Payments Pro)
The PayPal Website Payments Pro service is one of the easiest ways setting up a recurring payment facility. It is easy to integrate with your website and you don’t need a separate merchant account. The downside is that is relatively expensive with a monthly charge and high processing fees.
AlertPay is a registered in Canada and is similar to PayPal though very much smaller. Although it is still establishing its reputation as a reliable gateway, it is able to take recurrent payments.
Recurly is a platform for taking recurring payments that doesn’t require you to have a merchant account with CPA. It isn’t itself a payment gateway; rather it integrates with several third party payment gateways. In the UK these include: Authorize.Net; Braintree; Cyber Source; Sagepay; Stripe; Wirecard; and PayPal
Spreedly provides a similar service to Recurly. It securely stores credit card details in a vault enabling merchants to take recurring payments. Credit card details are tokenised which minimises the merchant’s PCI compliance requirements.
How much does this cost?
One of the major costs is setting up and maintaining PCI DSS compliance. For large companies this has cost several million pounds overhauling their systems to achieve the required standards. Even for smaller organisations it can cost tens of thousands of pounds. By using a solution such as Recurly these costs can be almost eliminated as the credit card details are not stored on your server.
Alternatively, a service such as PayPal allows you to take recurring payments into a PayPal merchant account easily. The processing costs are relatively high at 3.4% + 20p a transaction for modest volumes, though these reduce on a sliding scale for high volumes.
For large businesses that have PCI DSS compliance the lowest cost is achieved through a conventional merchant account and payment gateway. Processing recurring payments can cost as little as 1% per transaction depending on the specific market.