Ask HN: Help me understand online payment gateways
70 points by pcidss-clueless on Oct 8, 2010 | 27 comments
I'm a long time developer that's recently moved into web development. I'm also based in the UK, so that seems to limit my options somewhat significantly.

As I understand it, my options are either speak to my bank about an internet merchant account, or use a third-party payment processor. It seems however, that if my company is newly formed and thus doesn't really have a trading history, the likelihood of my bank allowing me to have an internet merchant account is slim. Using a third-party payment processor usually - from what I can see - results in customers being redirected to a third-party branded checkout page, which I want to avoid. Is this correct, or am I missing something?

If I have a merchant account and people are submitting payment data to my server that I am then passing on to be processed, I am responsible for PCI DSS compliance, correct? (Am I correct in my understanding that Braintree gets around this by having your checkout form POST to their servers?)

Lastly, can anyone recommend a means for me to accept credit and debit card payments [in pounds Sterling, for a UK site] for a newly formed business that doesn't use a third-party [Paypal, Google Checkout etc]?



I recently launched a niche startup selling addon content for Photoshop. It's a purely digital-goods business: people pay money and in return they get an email with a download link.

I looked at a bunch of solutions (shopify, 2checkout, paypal, authorize.net, e-junkie, and others). Ultimately, I went with a company called FastSpring. It's a third party shopping cart solution, but they let you use your own xhtml/css template. They do include some text in the footer to let you know who's providing the service, but it's not really intrusive.

If you want to see how it looks, here's a page from my site. Click the add-to-cart button: http://photoshoplayerstyles.com/sale

Overall, I really like their service. They pay out twice a month, directly into my bank account. I'm in Canada, and most places just won't do this, so it was a nice surprise when it just worked.

Edit: I should mention, they handle international sales smoothly, too. I've had sales from all over the EU. They detect the country, do currency conversion, charge the correct VAT, etc.


I run a similar service called BitBuffet that delivers those one-use download links after payment. It's linked to PayPal and is very easy to set up.

If any HN'ers want to give it a spin on your next project that involves digital downloads, let me know and I'll give you a free account. Just promise to let me know what you like and don't like! ;-)


Offtopic, I remember seeing this when you announced it. How's the site going?


Not bad. It paid my rent this month.

Conversion rates are good, but getting links and traffic has been difficult. If I could move the site up from #7 to #1 for my domain keywords on Google, I'd be very happy.


Good Luck :)


That's an interesting site.. Checking it out now.


We have had several different merchant accounts and bank accounts over the years, and have found that your bank is probably the last place from which you want to obtain a merchant account.

These days most businesses (online businesses, at least) obtain a merchant account through an Independent Sales Organization (ISO). The ISO is basically an independent sales rep for a Merchant Services Provider (MSP) associated with a bank. When your account is set up, the funds from your customer pass seamlessly through the MSP's bank and are deposited into your local bank account.

The ISO makes his/her money through fees on your account. The more sales you have, the more they earn.

Competition between ISOs is intense, so it pays to shop around. Every local bank I've dealt with "outsources" their merchant accounts to an ISO. I assume the bank receives referral income from the ISO, as the fees we've been quoted for a merchant account through a local bank have always been higher than we've found elsewhere.

A few months ago, we quit having our own merchant account and moved to PayPal, as basic interchange fees have increased to the point where we found that is the least expensive option for our level of sales (>$10,000/month).

We use a basic PayPal Website Payments Standard Account using their name-value pair (NVP) interface. Our customers enter their shipping address data on our web site and their credit card information on PayPal's web site so we don't have to worry about PCI compliance. We use custom headers on our order page ("Checkout: Step 1") and our PayPal page ("Checkout: Step 2") to make it look pretty seamless. You can upgrade to a Website Payments Pro account for $20/month if you want to do it all on your own server, however.


Just one small nit: Website Payments Pro was raised to $30/mo a little bit back. We used this for some time and it worked reasonably well, but there are other options that don't cost as much.

We use a combination of our own merchant account through a reseller and Authorize.net, which has about half the monthly fees of the PayPal option and lower rates.


It took us months to get a payment system for my startup in Australia. It's a nightmare. You are correct in thinking there are only two options - a merchant account or a service like PayPal or authorize.net. However, if you have a merchant bank account and use a 3rd party gateway, you are submitting and storing the credit card information on the gateway and not on your own server, therefore PCI DSS compliance is not required. Many credit card gateways have APIs so that you can create a seamless experience if you wish. I would certainly try approaching the banks for a merchant account. Our company was fairly new when we got our merchant facility and there was never any concern about how old the business was. They were more interested in the type of product and thus the risk of getting chargebacks. The bank may also be happy to provide the facility for a security deposit. Also, before you make a final decision, compare all the charges and how much the facility is going to cost your business. The charges seem to vary dramatically between banks and providers.


(1) At least in the US, banks are only one way of getting a merchant account. There are a decent number of companies that offer merchant accounts. It is a pretty competitive business and there are plenty of companies and affiliates vying to get you under their belt because they get a fraction of a % of sales you do for life. Google around. Banks may not be the best option. In the U.S. you can definitely get a merchant account for new businesses with little history. I was able to get one at 15 under my brother's name--who was barely 18 and had no prior biz record.

(2) Yes, a merchant account can help you avoid 3rd party pages and gives you complete control of the flow of the order process.

(3) Yes it is a bad, bad idea and mostly not officially acceptable to store cc info on your server.


Actually, in the UK, banks are pretty much the only way of getting a merchant account, see:

http://www.businesslink.gov.uk/bdotg/action/detail?type=RESO...

(sorry for shitty URL)

The only non-bank merchant accounts you can get are Amex & Diner's Card, both of which only work for their own cards.


He's referring to Independent Sales Organizations (ISOs), which are groups sponsored by acquiring banks to underwrite, provision and maintain merchant accounts for clients.


You are responsible for the security of any information on your system. Thus you should want to be PCI DSS compliant even if it is not a requirement.

Take a look at PayPal Website Payments Pro.

https://www.paypal-business.co.uk/process-online-payments-wi...

Why don't you want to use PayPal? It's a pretty safe path to start accepting payments online and you can use their transparent API so they are not visible. Get an account, read their API docs and security best practices for the language of your choice (and in general). Implement an example from the docs on your server and grow it from there. Don't store credit card data on your server and don't cut corners when checking integrity of communication between you and PayPal.


Paypal is expensive and I have had too many problems with them to ever consider using them for my business.


Also note that in general, keeping away dubious companies helps both your own reputation and the society as a whole.

And PayPal has gained a lot of bad reputation for several reasons. The Wikipedia provides a good summary of the issues: http://en.wikipedia.org/wiki/PayPal#Criticism_and_limitation...


The easiest way for you to achieve PCI compliance is definitely by using a 3rd party gateway. Customers will have to leave your site but you can usually skin the gateway page to look like the original store. If credit card data is entered in a PCI compliant server, even in an iframe on your site, then you aren't responsible for making your server PCI compliant to accept credit cards.


I did lots of research and finally settled with Payloadz ... visit https://www.payloadz.com/default.asp

Edit: they support PayPal, Google Checkout, 2Checkout, Amazon Payments and TrialPay - also you can use their system to create your own affiliate system/network.


Can anyone make recommendations for merchant accounts in the US? Are there any that you would avoid? beanstream, authorize.net and Braintree all look pretty similar; are there any real differences? Thank you!


Self promotion here, but I suggest you check out http://payfacade.com. We're trying to make life of web developers easier regarding online payments.


I highly recommend talking to Isaac and the team over at recurly.com (you can guess his email address (: )

Even if you don't end up using them you'll get some very valuable intel.


Off topic: I always wondered how to put a 'smiley' inside of brackets, I never considered making it face the other way around. Genius!


See also this previous thread on the topic: http://news.ycombinator.com/item?id=1074860


Have you looked at 2 Checkout?

http://www.2checkout.com/community/


What kind of bullshit banks in the UK won't give a business a merchant account?

Anyway, chargify can recommend you some gateway/merchant account providers.


From the text of his question it doesn't sound like he's actually asked yet.

I also read recently that chargify only works with Barclays in the UK, but I'd check that out yourself.

In other words, OP, you probably have more options than you realise, go talk to your bank's business advisor. Or a few banks. I mentioned to mine that I will want to do what you want to do in a few months and she didn't bat an eyelid, although I haven't yet pursued it.

Also, why post with a throwaway account? It's a perfectly good question, the whole area's fairly confusing at first!


You might find my free ecommerce cheat sheet helpful if you go the custom solution route (merch acct, cc processor, etc): http://jumpstartcc.com


Looks interesting, thanks. BTW the page says "2009", might want to bring it up to date.



