When Stripe started in 2010, we offered just one capability: payment processing. Since then, we’ve heard from our customers over and over how central payments is to their business, and how tightly interwoven it is with so many other functions: product development, taxes, accounting, customer experience, geographic expansion, and more. These conversations led us to continuously expand the Stripe platform to support a host of additional capabilities.
The breadth of our platform today reflects our underlying philosophy: Payment processing, as it’s been traditionally thought of, is too narrow an offering to address what most businesses are trying to solve for when they’re looking for a payments provider, which we are defining here as a full-stack acquirer processor. Buyers are right to expect more than just a low-cost utility. Over the last decade, payments has evolved from a cost center to a strategic lever for innovation, revenue growth, and business transformation.
Many businesses come to Stripe looking for a technologically advanced platform that will enable them to quickly respond to changing customer preferences and market opportunities. While it can be tempting to choose different point solutions for payments, billing, fraud detection, revenue recognition, reporting, and so on, stitching together different systems is technically complex, requires heavy maintenance, siloes data sources, and will ultimately slow down your pace of innovation.
In this guide to a Request for Proposal (RFP), we’ve captured the most overlooked capabilities you should look for in a payments provider. These are the questions our customers have told us they wish they had asked their previous providers. This isn’t an exhaustive list of RFP criteria, but rather, questions that you may want to consider in addition to core payment processing and gateway questions. To get started quickly, you can download our RFP template with questions mapped to each of the following areas of evaluation.
Business model requirements
Before kicking off an official RFP process, the first question to ask yourself is, “What is our business model today, and how might it evolve in the next 5 to 10 years?”
You may want to look for a provider that can partner with you to achieve strategic, long-term goals beyond meeting your basic payments acceptance needs. This requires a thought leader that stays ahead of the constantly evolving payments landscape and supports a wide range of business models with an integrated platform.
For example, if you’re a retailer looking to launch a person-to-person marketplace to attract a new type of consumer, you’ll need to consider if your payments provider can support a multiparty business model to split and route funds, onboard sellers and service providers compliantly, and make payouts around the world. Additionally, if you are looking to increase recurring revenue and retention by launching a membership program, you’ll need to consider if your payments provider can support your desired pricing and subscription billing model, including capabilities like churn reduction, revenue recognition, and reporting. As the lines between commerce channels blur, you should also consider whether your payments provider supports a holistic omnichannel offering, with robust in-person capabilities integrated with online solutions.
Questions to ask providers
In addition to evaluating ecommerce payments capabilities outlined in this guide, you may want to consider the following factors based on your specific business model.
For a recurring revenue business:
Companies as diverse as SaaS businesses, digital content providers, on-demand delivery companies, D2C retailers, airlines, and many more collect payments on a recurring basis. You will want to consider these questions if you currently offer or plan to offer subscriptions, memberships, or other recurring payments:
-
Does the payments provider also offer an in-house billing solution?
- If not, does the billing provider integrate directly with a payments provider or a gateway?
- If not, does the billing provider integrate directly with a payments provider or a gateway?
-
Can they unify billing and payments logic to reduce costs and complexity?
-
How do they reduce involuntary churn, and can they demonstrate the effectiveness of these methods?
-
What pricing models does your billing provider support (e.g., usage-based, per-seat, metered pricing, tiers, flat-rate plus overage, free trials, discounts)?
-
Do they help you stay compliant by automatically calculating and collecting sales tax and VAT on subscriptions or invoices?
-
What kind of payment flexibility does the solution offer out of the box (e.g., prepay for a subscription before it starts, schedule a subscription for a future start date, backdate a subscription, bill in installments)?
-
Does the online checkout flow allow customers to start a subscription and encourage upgrades from monthly to annual plans?
-
Is there a dedicated portal for your customers to manage their subscriptions and invoices and view and update payment details?
-
Are transactions automatically pulled into revenue recognition tables and charts (e.g., a revenue waterfall) and account reports (e.g., balance sheets, income statements, debit and credit journals)?
For additional billing criteria, refer to Stripe’s Billing RFP guide.
Since multiparty business models exist in many forms, Stripe draws a distinction between marketplaces and platforms.
A marketplace is an online business that connects sellers or service providers with consumers who purchase goods or services.
A platform is a business that enables other businesses to sell products and services on top of their infrastructure.
For a marketplace or platform business:
-
Does the provider offer progressive onboarding capabilities, allowing customers (sellers, vendors, individuals) to provide the minimum compliance details at initial account creation and fill out additional information later?
-
Which tools are offered to support customer identity verification? Is verification done programmatically or manually?
-
Does the provider offer prebuilt dashboards and reports and allow platforms and marketplaces as well as customers to build their own?
-
Does the product support the ability to fully whitelabel the solution, allowing you to customize branding and own the end-to-end customer experience?
-
What kind of payout schedules are available?
-
Is it possible to offload risk management to the provider? What tools does the provider offer to manage risk, refunds, and disputes?
-
Can you onboard sellers or service providers internationally?
-
On what timeline does their typical marketplace or platform user launch? Can the provider offer customer references similar to your business size and complexity?
-
What payment methods are available to sellers and service providers, in terms of digital wallets and local payment methods (including buy now, pay later)?
-
Does the provider offer in-person, recurring, or invoicing payments?
-
Does the payments provider offer the ability to issue spending cards, payout cards, or financing to increase customer acquisition and lifetime value and generate new revenue for your business?
For a business that accepts in-person payments:
If your business takes payments both online and in stores, providing an omnichannel experience should be a key consideration.
-
Can you integrate with the provider’s solution and expand across channels or markets with minimal additional engineering effort?
- Do you get access to normalized reporting across channels, payment methods, and markets so you can view all payments in a consistent manner?
- Does this include customer journey behavioral insights to inform your marketing strategies and loyalty programs?
- Can the provider offer a unified consumer view regardless of where a transaction originates?
- Do you get access to normalized reporting across channels, payment methods, and markets so you can view all payments in a consistent manner?
-
Is there a central dashboard where you can manage readers, order devices, and monitor activity?
-
What types of point-of-sale (POS) software and hardware does the provider offer or support?
-
Does the provider offer APIs and SDKs to enable you to build custom in-person payment experiences?
-
Can the provider support mobile payments like tap to pay with mobile, QR codes, or pin on glass?
-
Does the provider offer precertified hardware or other resources to reduce your organization’s EMV certification burden?
-
How much online and offline volume does the provider process?
Integration experience
When you make the decision to invest time and resources to select a new provider, there is almost always an underlying business critical reason. It could be that your current provider’s performance in authorization rates or relationship management deteriorated, their technical limitations hindered innovation, or, in the worst case, they experienced an outage. In other cases, you could be adding a new provider to maximize performance, reduce fraud rates, expand to new countries, or add new payment methods.
Consider whether a provider has the tools, technology, and services to support a successful integration and deployment on a timeline that works for your needs. The clarity of API documentation and the steps required provide a good starting point to gauge technical sophistication. Ensure that the provider offers the integration interfaces you require, including prebuilt integrations or connectors with the business operations, ecommerce, and IT systems you currently use. There is an added benefit if the provider works with integration and consulting partners you may have existing relationships with. A potential provider should also have the technical wherewithal to accommodate bespoke requirements and create custom solutions that improve your payments stack.
Questions to ask providers
-
What is the average time to go live, what development resources are you expected to provide, and what implementation support does the payments provider offer?
-
What is the quality of that support, and how long does it take to leverage technical resources when requested?
-
Which programming languages are supported by the API, and are additional tools (code samples, SDKs, and clear, usable documentation) available?
-
Does their documentation include code snippets, detailed steps, and easy-to-follow recipes?
-
Do they offer a test environment or sandbox as well as test cards and bank accounts that capture your unique payments needs?
-
How much engineering time and cost can your provider help you save?
Architecture
When considering a provider, it is important to find companies with a unified platform, which avoids the need to stitch together disparate systems. A provider with unified payments, billing, and fraud capabilities, for example, provides architectural benefits over integrating and managing multiple suppliers. Consider the level of ongoing maintenance your team will need to engage in. Look for providers that invest in developers so that your limited engineering resources can focus on projects that drive business value, rather than keep systems running. At the most fundamental level, ensure that a provider meets your needs when it comes to stability, flexibility, scalability, and your future roadmap.
Stability
When you process millions of transactions every day, any downtime creates substantial costs. A common industry standard uptime of 99.95% still equates to 263 minutes of downtime a year. Industry-leading availability of 99.999% brings this down to 5 minutes and 15 seconds. Processor downtime does not just impact that lost window of sales, but also negatively impacts the lifetime value of that customer. Customers that experience a decline caused by outages may opt to take their business elsewhere, which may damage brand equity. When considering a payments provider, ensure they have a strong record in minimizing downtime and a strong commitment to transparency around platform health metrics. Query their historical uptime. The ideal provider will also have failover procedures in place for any unplanned outages and conduct maintenance without the need for downtime.
Flexibility
A global, unified, API-based payments infrastructure enables rapid development, giving you the flexibility to drive innovations, add new payment types, expand to new markets, and build new payment experiences and financial services offerings. The ideal partner will offer full optionality, all while minimizing the engineering effort required and reducing long lead times for new functionality. Plus, a payments provider with reliable infrastructure and fewer points of failure will require less maintenance and free up your developer resources to concentrate on business critical initiatives.
Scalability
In cases of peak events, you want confidence your provider can handle the influx of volume. It is important to understand both standard transaction processing volume and the extent to which the provider can scale. Consider spikes in volume you experienced in the past around sales, holidays, or viral moments to set a baseline. If a sale results in a 70% jump in processing volume, ensure the providers under consideration can scale load to that level. Query how the payments providers run load tests and historical performance managing similar surges in traffic.
Building for the future
Your payments provider must invest in an active development team to ship new features, respond to changing market dynamics, and stay ahead of the curve in the ever-changing payments landscape. A technical payments provider with a solid foundation to support continuous change and innovations should preclude the need for a costly re-platform, and re-RFP, in the future. It is important that roadmaps align, and, in the ideal state, you can influence the roadmap of a payments provider to address your requirements.
Questions to ask
-
Does the provider publish their uptime and offer a transparent view of real-time platform health metrics?
-
What are their stated SLAs for API availability? What is the actual historical uptime for the last 12-month period?
-
Will the payments provider’s technology complement and improve your existing systems, reducing complexity and future-proofing your payments stack?
-
How quickly can they turn on new payment methods?
-
How reliable and scalable is their infrastructure? Can it maintain consistently high uptime during peak seasons like the holidays and Black Friday and Cyber Monday?
-
Are they able to scale to your volume and handle peak events?
Payments performance
Your vendor ultimately must allow you to accept payments in the manner required by your businesses. Given the nuances of the card payments industry and the unique requirements of enterprises, this is not always as simple as submitting an authorization message through the networks to issuers. Look for a payments provider that offers core payments functionality to support your business model, specifically the ability to alter the “ergonomics” of authorizations and captures to fit your needs. For example, businesses that offer a service where the total transaction amount can change after authorization, such as ride-hailing, on-demand delivery, or those that support tipping, may need incremental authorizations or over-captures (or both). Other businesses, such as those in the travel industry, may leverage extended authorizations to capture funds after services are rendered. These
show a provider’s ability to manage payments to support a wide range of use cases.
Authorization optimizations
When mere basis points of authorization uplift can generate millions in additional revenue, it is paramount that your payments provider helps you accept more good transactions, maximizing conversion and authorization rates without a corresponding increase in chargeback and fraud rates. To accomplish this, your provider should act as a strategic, proactive partner responding to payments industry changes to optimize your payment operations and performance. Best-in-class providers will use machine learning to optimize authorizations to match issuer and network preferences, both on the initial authorization and with real-time retries. Direct integrations with the networks and strong partnerships with issuers improve machine-learning models and overall authorization performance through ongoing communication and data sharing, as well as opening channels for payments provider advocacy on behalf of businesses.
The payments providers you work with should understand your need for insights into declines and deeper understanding of successful authorizations. This is another area where a payments provider with direct connections to the card networks and a unified platform can outperform others. This type of provider can return the most granular decline codes and enhanced data fields, such as raw response codes, both of which help you understand your authorization rates, the benefits generated from optimizations, and root causes of declines. Your payments provider should be proactive in taking this data and recommending improvement strategies, working with issuers to address problems, and optimizing to improve authorization rates in ways specific to your business model.
There are multiple ways a payments provider engaged in the issuing space can improve authorization rates. First, payments providers that also act as issuers enjoy a higher degree of fidelity around the data needed to optimize authorizations. They have access to real-time ISO messages and retry activity by every acquirer that accepts their cards. The larger the portfolio of credit and debit cards issued, the more unique insights the payments provider generates on end-to-end transaction performance. This helps inform ongoing optimization efforts. Additionally, payments providers with a depth and breadth of issuer relationships can act as a strategic advocate for businesses. For example, a payments provider that observes a spike in declines should leverage its relationships to better understand issuer behavior and build optimization strategies to address root causes. A proactive payments provider will optimize payments performance in concord with issuers and with deep understanding of their decision models.
Subscription and card on file
For subscription and card-on-file businesses, a top-tier provider can increase transaction success. A basic provider will allow for tokenizing and storing card details for repeat purchases or recurring payments. Many payments providers will offer network tokens, but industry leaders dynamically use tokens or primary account numbers (PANs) to maximize transaction success and use other tools, such as real-time card account updater when necessary, to keep information fresh. Going a step further, top providers will apply
smart retry logic, powered by machine learning, to recover failed payments. Granular decline codes generated by direct network connections allow for the optimal retry strategy and data treatment to minimize payment failures.
Costs
In optimizing around cost, a provider should ensure that your acceptance costs are as low as possible. The best way to do this is to provide the most accurate transaction-level data, including network and interchange costs. With data in hand, your provider should guide you to the proper strategies to minimize costs and ensure you are paying the appropriate, but lowest possible, interchange rates. Your payments provider should offer tools and strategies to avoid downgrades. For example, they should help your business optimize checkout flows to capture the information necessary to avoid downgrades while minimizing friction.
Strong Customer Authentication (SCA)
For businesses with operations in Europe, the full rollout of SCA requirements makes a robust solution a business-critical necessity. Your provider should offer a sophisticated and frictionless SCA offering, with dynamic 3DS, for example. In practice, the provider should optimize between
3DS1.0 and 3DS2.x when necessary and maximize the use of exemptions wherever possible. Pay particular attention to the exemptions supported and whether they are requested automatically, as well as the payments provider’s transaction risk assessment (TRA) threshold, especially for high average ticket-value businesses.
Questions to ask
-
Can they support additional authorization and capture use cases, such as incremental authorizations, extended authorization windows, and over-captures?
-
How do they optimize conversions and authorization rates?
-
Is machine learning utilized in optimization efforts?
-
Do they help you understand and improve performance based on the nuances of your business, offering a transparent view into authorization rate uplift?
-
Can they give you a high degree of transparency into your payments costs, including detailed interchange and scheme fees associated with each transaction?
-
How do they keep payment details up to date to maximize successful transactions?
-
Do they offer batch and real-time card account updater?
-
Can they offer network tokens, and can they optimize their use by dynamically routing tokens or PANs depending on performance to maximize uplift?
-
Do they support appropriate dunning logic to recover failed payments, such as automatic retries based on custom retry rules or machine learning–powered smart retry logic?
-
Is this logic customizable without additional development effort?
Global coverage
If you operate a business in multiple countries, you may want to consider how well your provider can support your needs in each country. It is especially important to consider how easily new payment methods can be turned on without additional integration work or the need to register as a local entity. This drastically improves your ability to quickly bring your products to market and increase conversions. Your provider should be able to dynamically optimize your checkout flow by displaying the right language, payment methods, currencies, and form conventions based on the customer’s
location.
Ideally, your provider should have local expertise in your priority markets so that they can help your business navigate changing rules and regulations. Local acquiring can generate both authorization rate benefits and cost savings. If you operate a marketplace or platform, you should consider whether your provider can settle business funds locally and cover foreign exchange rate changes between the time of the charge and time of settlement.
Questions to ask
Global coverage and localization
-
Can the provider help you navigate local regulations to maximize authorization rates and minimize compliance?
-
Can they dynamically optimize your checkout flow based on the customer’s location?
-
In which languages are their products localized? Which languages can the customer support staff manage?
-
In which markets are their products available?
-
In which markets does the provider offer local acquiring?
-
In which markets is the provider directly connected to the card networks?
-
Which presentment currencies are offered and in which markets? Which settlement currencies?
Local payment methods
-
What are the steps to set up payment methods, and how quickly can new payment methods be turned on?
-
Is additional development effort required on your end to support a new payment method?
-
Do you need to register as a local entity to onboard onto a local payment method?
-
How do they optimize the performance of these payment methods?
-
Do they offer a unified view of all payments, including diverse payment methods, to improve reporting and reconciliation?
Cross-border settlements
-
Do you need to register as a local entity to enable local settlements?
-
In which countries and currencies can the provider settle funds?
-
Can they take on the risk of foreign exchange rate fluctuations between the charge and settlement?
Risk management
Fraud
Given the substantial negative consequences of high fraud rates, it is critical that your payments provider exposes a top-tier fraud solution. The most sophisticated will be directly integrated into the payments flow and use machine learning models, trained on billions of transactions, to keep bad transactions out. These adaptive algorithms should continuously learn in order to respond to new fraud vectors, minimizing false positives as well as true fraud. By using a provider with a well-rounded fraud solution, you should be able to increase authorization rates without a subsequent jump in chargebacks. Understanding that enterprises have unique needs, your provider’s fraud tool should offer a degree of flexibility. This is achieved with custom written rules and business logic for different responses to a range of risk scores. Given the rapidly and continuously changing nature of fraud, industry-leading providers will let you change and backtest fraud rules without the need for custom development. Finally, you should have the ability to review transactions flagged as high risk by your provider.
Disputes
As businesses well know, disputes represent a necessary burden in the payments acceptance space. However, that does not mean they need to create undue operational strain or diminish your customer experience. A strong provider can offer tools and expertise to reduce the work required to mitigate and respond to disputes. First, payments providers should offer ways to prevent a dispute from ever happening, such as using dynamic descriptors and integrating directly with Visa claims management and Mastercom. When disputes inevitably do happen, your provider should reduce your manual work by automatically submitting and formatting evidence and responding to disputes where possible. For disputes that do require manual intervention, the top providers will offer tools and strategies to maximize win rates. Most providers will allow you to respond to disputes within a portal or dashboard, but the most technologically advanced will allow for programmatic dispute management via APIs.
Questions to ask
Fraud
-
Do they offer a built-in fraud solution? If not, what does the integration process look like, and how long would it take? Does it need monitoring and updates?
-
How do the tools available mitigate false positives?
-
Does the provider’s fraud tool calculate risk scores? Is there flexibility in the treatment of risk scores?
-
What inputs are utilized to determine risk scores and make a fraud risk assessment?
-
Does the fraud tool leverage machine learning? If so, what is the scale of transaction data used to train fraud models?
-
How do they allow for the creation of new fraud rules? Does the creation of new rules require any custom development?
-
Does the fraud prevention tool allow for manual review of suspicious transactions?
-
Can you backtest your rules to see what would have been blocked? Do you need to manually label disputed transactions?
-
How does the fraud solution work with new fraud types like card testing?
-
Can you customize how the machine learning algorithm works for your business?
Disputes
-
What tools or services are offered to minimize chargebacks?
-
How does the provider optimize and automate dispute responses to maximize chances of success?
-
Can they calculate win rate probabilities for individual disputes to help triage priorities for response?
-
Do they allow you to programmatically manage disputes using an API, with functionality to upload evidence, respond to disputes, and receive dispute events using webhooks?
Reporting and analytics
Ensure that your payments provider can present a unified view of all payments-related data to the appropriate level of detail and in the format and interface you require. Once again, a payments provider with a unified platform and direct integrations to the card networks performs well here. A data-driven provider will offer transaction-level details, available in the requisite formats and with the possibility for custom reports, ad-hoc queries, and integration to your existing systems. A provider should offer a range of options that fit with the needs of all levels of your organization. For example, prebuilt reports in a dashboard can be updated in a timely manner for executive summaries; custom reports ensure your payments team tracks your unique KPIs; and data integrated with your accounting ledger, ERP, or other business intelligence tools ensures teams throughout the organization can get access to the necessary payments data.
Questions to ask
-
Do they allow for custom data fields that can be associated with any object (e.g., a unique transaction ID traced throughout its lifecycle)?
-
What key metrics and KPIs are provided as standard via the dashboard? What prebuilt reports are offered?
-
Is the reporting system updated in real time?
-
Can they support ingesting data in a continuous way and integrating into existing flows or monitoring tools?
-
Are APIs offered to import data into existing infrastructure?
-
What tools are available for analyzing and visualizing data on an ad hoc basis?
-
Do they offer prebuilt integrations with the most popular data warehouses?
Reconciliation
While related to reporting, reconciliation stands separate and distinct as a critical task to ensure accurate financial metrics and a unified view of your business, as well as remaining above board for compliance checks and audits. While a vital business function, reconciliation can be needlessly complex, highly manual, and prone to errors. Your payments provider should ease your operational burdens and improve back-office functions with automation, consistency, and control. The end result should be accurate reconciliation, completed quickly with minimal lag time between settlement and data availability. A sophisticated provider will offer both aggregate and individual transaction reports, with clear information on refunds, chargebacks, offsets, and fees. If discrepancies occur and an exception is generated, the provider should assist with the reconciliation and provide the requisite information in a timely manner. If you accept payment methods beyond credit cards and debit cards, ensure a provider will consolidate all payment methods (cards, bank transfers, and others) to ease the reconciliation process. Finally, a provider should pipe data into your systems of choice, such as your CRM, ERP, and even custom systems with custom reporting requirements to fit your needs.
Questions to ask
-
Do they offer a unified view of payments across your organization?
-
Can they support transaction-level reporting, including all relevant fees?
-
Can unique transaction IDs be used to track payments from origination to settlement, regardless of the channel (POS and online)?
-
Which reconciliation processes does the provider automate?
-
Does the provider support gross or net settlement?
-
How quickly after settlement is data available?
Privacy and security
The financial and reputational risk of a breach is impossible to overstate. Vulnerabilities are unacceptable, and gaps in a payments provider’s security architecture could wreak havoc with your organization. Cybersecurity attacks grow in sophistication, and the global patchwork of personal data regulations requires nuanced navigation. At a bare minimum, payment card industry (PCI) compliance is a must. At the top tier, payments providers are certified as a PCI Level 1 Service Provider, the most stringent level of certification. Your provider should offer a PCI-packet to reduce the PCI validation timeline. If you choose to store card data and work with a PCI Qualified Security Assessor (PCI QSA), your provider should make the audit process as smooth as possible. Sophisticated providers will have a security-focused layer with consistent and enforced protections to guard against common web vulnerabilities and new attack vectors. On the privacy front, your provider must keep you compliant with the multitude of regulations (e.g., the General Data Protection Regulation [GDPR]) and reduce your compliance and security burden.
Questions to ask
-
Are the provider’s services PCI Data Security Standard (PCI DSS) compliant and validated by a third party?
-
Can the provider show audited SOC 1 and 2 and PCI reports?
-
How does the system protect itself from denial-of-service (DoS) attacks?
-
Does the provider offer tools to minimize or eliminate your PCI exposure, while giving flexibility and control over your checkout experience?
-
Can your provider tokenize PANs at the point of customer interaction?
-
How are data transfers managed to ensure that data is both secure and in compliance with PCI standards and relevant local regulations (e.g., GDPR)?
How Stripe can help enterprises
Companies such as Toyota, Amazon, Lyft, and Atlassian partner with Stripe to solve payments challenges specific to their industries and build better customer experiences. Stripe offers a complete financial infrastructure platform to help enterprises transform their business models, convert more customers globally, and reduce time and resources spent on payments to focus on their core business.
Support new business models like direct-to-consumer, subscriptions, and marketplaces with Stripe’s flexible infrastructure. Optimize funds flow across your business with split funds, global payment routing, and instant payouts—all with less operational overhead.
Build, launch, and scale quickly with technology-first solutions, including powerful APIs and detailed documentation, that allow you to build once and deploy everywhere. Access structured financial reporting, build custom queries, or pipe Stripe data into your data warehouse to close your books faster and unlock rich business insights.
Future-proof your payments infrastructure with reliable, scalable, and flexible payments architecture. Enjoy market-leading uptime, confidence in handling peak volumes, and modularity to add new payment types and build best-in-class customer experiences.
Maximize revenue and minimize costs leveraging machine learning–powered authorization optimizations and smart retries, direct network integrations, and issuer-level insights. Stay at the leading edge of the payments industry with flexibility around authorizations and captures to fit your business needs.
Convert more customers globally with local acquiring in key markets to increase conversion and authorization rates. Turn on local payment methods with a single integration and provide a fully localized checkout experience dynamically optimized to the customer’s location.
Contact our sales team to learn more.
Payments RFP template
Business model requirements
In addition to evaluating ecommerce payments capabilities outlined in this guide, you may want to consider the following factors based on your specific business model.
For a recurring revenue business:
-
Does the payments provider also offer an in-house billing solution?
-
If not, does the billing provider integrate directly with a payments provider or a gateway? Can they unify billing and payments logic to reduce costs and complexity?
-
How do they reduce involuntary churn, and can they demonstrate the effectiveness of these
methods?
-
What pricing models does your billing provider support (e.g., usage-based, per-seat, metered pricing, tiers, flat-rate plus overage, free trials, discounts)?
-
Do they help you stay compliant by automatically calculating and collecting sales tax and VAT
on subscriptions or invoices?
-
What kind of payment flexibility does the solution offer out of the box (e.g., prepay for a
subscription before it starts, schedule a subscription for a future start date, backdate a
subscription, bill in installments)?
-
Does the online checkout flow allow customers to start a subscription and encourage upgrades
from monthly to annual plans?
-
Is there a dedicated portal for your customers to manage their subscriptions and invoices and
view and update payment details?
-
Are transactions automatically pulled into revenue recognition tables and charts (e.g., a revenue waterfall) and account reports (e.g., balance sheets, income statements, debit and credit journals)?
For a marketplace or platform business:
-
Does the provider offer progressive onboarding capabilities, allowing customers (sellers, vendors, individuals) to provide the minimum compliance details at initial account creation and fill out additional information later?
-
Which tools are offered to support customer identity verification? Is verification done programmatically or manually?
-
Does the provider offer prebuilt dashboards and reports and allow platforms and marketplaces as well as customers to build their own?
-
Does the product support the ability to fully whitelabel the solution, allowing you to customize branding and own the end-to-end customer experience?
-
What kind of payout schedules are available?
-
Is it possible to offload risk management to the provider? What tools does the provider offer to manage risk, refunds, and disputes?
-
Can you onboard sellers or service providers internationally?
-
On what timeline does their typical marketplace or platform user launch? Can the provider offer customer references similar to your business size and complexity?
-
What payment methods are available to sellers and service providers in terms of digital wallets and local payment methods (including buy now, pay later)?
-
Does the provider offer in-person, recurring, or invoicing payments?
-
Does the payments provider offer the ability to issue spending cards, payout cards, or financing to increase customer acquisition, lifetime value, and generate new revenue for your business?
For a business that accepts in-person payments:
If your business takes payments both online and in stores, providing an omnichannel experience should be a key consideration.
-
Can you integrate with the provider’s solution and expand across channels or markets with minimal additional engineering effort?
-
Do you get access to normalized reporting across channels, payment methods, and markets so you can view all payments in a consistent manner?
-
Does this include customer journey behavioral insights to inform your marketing strategies and loyalty programs?
-
Can the provider offer a unified consumer view regardless of where a transaction originates?
-
Is there a central dashboard where you can manage readers, order devices, and monitor activity?
-
What types of point-of-sale (POS) software and hardware does the provider offer or support?
-
Does the provider offer APIs and SDKs to enable you to build custom in-person payment experiences?
-
Can the provider support mobile payments like tap to pay with mobile, QR codes, or PIN on glass?
-
Does the provider offer precertified hardware or other resources to reduce your organization’s EMV certification burden?
-
How much online and offline volume does the provider process?
Integration experience
-
What is the average time to go live, what development resources are you expected to provide, and what implementation support does the payments provider offer?
-
What is the quality of that support, and how long does it take to leverage technical resources when requested?
-
Which programming languages are supported by the API, and are additional tools (code samples, SDKs, and clear, usable documentation) available?
-
Does their documentation include code snippets, detailed steps, and easy-to-follow recipes?
-
Do they offer a test environment or sandbox as well as test cards and bank accounts that capture your unique payments needs?
-
How much engineering time and cost can your provider help you save?
Architecture
-
Does the provider publish their uptime and offer a transparent view of real-time platform health metrics?
-
What are their stated SLAs for API availability? What is the actual historical uptime for the last 12-month period?
-
Will the payments provider’s technology complement and improve your existing systems, reducing complexity and future-proofing your payments stack?
-
How quickly can they turn on new payment methods?
-
How reliable and scalable is their infrastructure? Can it maintain consistently high uptime during peak seasons like the holidays and Black Friday and Cyber Monday?
-
Are they able to scale to your volume and handle peak events?
Payments performance
-
Can they support additional authorization and capture use cases such as incremental authorizations, extended authorization windows, and over-captures?
-
How do they optimize conversions and authorization rates?
-
Is machine learning utilized in optimization efforts?
-
Do they help you understand and improve performance based on the nuances of your business,
offering a transparent view into authorization rate uplift?
-
Can they give you a high degree of transparency into your payments costs, including detailed
interchange and scheme fees associated with each transaction?
-
How do they keep payment details up to date to maximize successful transactions?
-
Do they offer batch and real-time card account updater?
-
Can they offer network tokens, and can they optimize their use by dynamically routing tokens or PANs depending on performance to maximize uplift?
-
Do they support appropriate dunning logic to recover failed payments, such as automatic retries based on custom retry rules or machine learning–powered smart retry logic?
-
Is this logic customizable without additional development effort?
Global coverage
Global coverage and localization
-
Can the provider help you navigate local regulations to maximize authorization rates and minimize compliance?
-
Can they dynamically optimize your checkout flow based on the customer’s location?
-
In which languages are their products localized? Which languages can the customer support staff manage?
-
In which markets are their products available?
-
In which markets does the provider offer local acquiring?
-
In which markets is the provider directly connected to the card networks?
-
Which presentment currencies are offered and in which markets? Which settlement currencies?
Local payment methods
-
What are the steps to set up payment methods, and how quickly can new payment methods be turned on?
-
Is additional development effort required on your end to support a new payment method?
-
Do you need to register as a local entity to onboard onto a local payment method?
-
How do they optimize the performance of these payment methods?
-
Do they offer a unified view of all payments, including diverse payment methods, to improve reporting and reconciliation?
Cross-border settlements
-
Do you need to register as a local entity to enable local settlements?
-
In which countries and currencies can the provider settle funds?
-
Can they take on the risk of foreign exchange rate fluctuations between the charge and settlement?
Risk management
Fraud
-
Do they offer a built-in fraud solution? If not, what does the integration process look like, and how long would it take? Does it need monitoring and updates?
-
How do the tools available mitigate false positives?
-
Does the provider’s fraud tool calculate risk scores? Is there flexibility in the treatment of risk scores?
-
What inputs are utilized to determine risk scores and make a fraud risk assessment?
-
Does the fraud tool leverage machine learning? If so, what is the scale of transaction data
used to train fraud models?
-
How do they allow for the creation of new fraud rules? Does the creation of new rules require any
custom development?
-
Does the fraud prevention tool allow for manual review of suspicious transactions?
-
Can you backtest your rules to see what would have been blocked? Do you need to manually label disputed transactions?
-
How does the fraud solution work with new fraud types like card testing?
-
Can you customize how the machine learning algorithm works for your business?
Disputes
-
What tools or services are offered to minimize chargebacks?
-
How does the provider optimize and automate dispute responses to maximize chances of success?
-
Can they calculate win rate probabilities for individual disputes to help triage priorities for
response?
-
Do they allow you to programmatically manage disputes using an API, with functionality to upload evidence, respond to disputes, and receive dispute events using webhooks?
Reporting and analytics
-
Do they allow for custom data fields that can be associated with any object (e.g., a unique transaction ID traced throughout its lifecycle)?
-
What key metrics and KPIs are provided as standard via the dashboard? What prebuilt reports are offered?
-
Is the reporting system updated in real time?
-
Can they support ingesting data in a continuous way and integrating into existing flows or monitoring tools?
-
Are APIs offered to import data into existing infrastructure?
-
What tools are available for analyzing and visualizing data on an ad hoc basis?
-
Do they offer prebuilt integrations with the most popular data warehouses?
Reconciliation
-
Do they offer a unified view of payments across your organization?
-
Can they support transaction-level reporting, including all relevant fees?
-
Can unique transaction IDs be used to track payments from origination to settlement, regardless of the channel (POS and online)?
-
Which reconciliation processes does the provider automate?
-
Does the provider support gross or net settlement?
-
How quickly after settlement is data available?
Privacy and security
-
Are the provider’s services PCI DSS compliant and validated by a third party?
-
Can the provider show audited SOC 1 and 2 and PCI reports?
-
How does the system protect itself from denial-of-service (DoS) attacks?
-
Does the provider offer tools to minimize or eliminate your PCI exposure, while giving flexibility and control over your checkout experience?
-
Can your provider tokenize PANs at the point of customer interaction?
-
How are data transfers managed to ensure that data is both secure and in compliance with PCI Standards and relevant local regulations (e.g., GDPR)?