
How to Accept Online Payments: A Complete Guide
To start accepting online payments, your business needs three things:
A checkout platform via a web page, app, or invoice link.
A payment gateway and a processor.
A business bank account for deposits, also known as a merchant account.
Accepting online payments gives you faster access to funds, instant authorization, automated record-keeping, and the ability to collect payments online from customers outside the local market. Paying online is convenient for customers, too—they can pay in seconds, know right away if the purchase went through, and buy from businesses around the world.
Key takeaways
Online payments are electronic transactions between customers and businesses using a credit card, debit card, digital wallet, ACH transfer, or a buy now, pay later (BNPL) app.
Accepting online payments gives your business faster access to funds, automated record-keeping, and the ability to reach customers beyond your local market.
When you accept online payments, fees are collected by your processor or bank, which compensates your customer’s bank for approving the charge, the payment card network for routing the transaction, and the payment processor for managing the transaction.
Most customers abandon checkout if the process is too difficult, so make sure your checkout is seamless and offers multiple payment methods.
When choosing an online payment provider, businesses should consider available payment methods, fees, security/fraud capabilities, reporting tools, and integration with their systems.
What are online payments?
Online payments are electronic transactions initiated by a customer for goods, services, and bill payments—and processed using credit cards, debit cards, digital wallets, or ACH transfers. They can take place on websites, apps, portals, payment software, connected devices, and through mobile payments on smartphones and tablets.
After the customer pays, the system will begin processing payments—transferring funds electronically without paper and depositing the money into the business's bank account. And because these transactions often rely on instant approvals for immediate purchases, online payments are often the first impression customers have of how easy it is to do business with you, so it’s important to get it right.
This guide is for any business that takes online payments—small businesses, ecommerce, subscription services, wireless, and fiber. It covers how online payments work, what they cost, how to keep them safe, and how to pick an online payment system that fits the way you do business.
Online payments vs. digital payments: What’s the difference?
The difference between online payments and digital payments is that online payments can only be accepted when the customer is online, while digital payments don’t require it.
Examples of online payments: A customer is physically online when they pay, such as using a credit card at an ecommerce checkout, initiating a bank transfer through a customer portal, or renewing a subscription on a mobile app.
Examples of digital payments: Digital payments include all of the above online methods but can also take place offline. Offline digital payments occur when a customer pays in person using a digital wallet on their phone or smartwatch, taps a contactless card on a terminal, or inserts a chip card at a register—none of these require the customer to have an internet connection. Digital payments also create a traceable record of every transaction, which is useful for budgeting, reconciliation, and financial reporting.
How do online payments work?
Money from online payments travels from customers to businesses through a series of services and systems.
[IMAGES]
Use case: Margo’s online payment journey
To see what happens after a payment is made, let's follow Margo as she pays her monthly wireless bill through her provider's self-service portal using her Visa card.
STEP 1: Margo pays: Margo logs onto her wireless provider’s self-service portal, reviews her bill, enters her credit card details, and clicks “pay.”
STEP 2: After Margo pays: The portal payment gateway captures and immediately encrypts Margo’s card details, so the card number is not sent across the network in a readable format.
STEP 3: The payment processor routes the transaction: It receives the encrypted data from the gateway and forwards the payment authorization request to Visa’s network.
STEP 4: Visa routes the payment: It sends the payment request to the issuing bank—the bank that issued Margo her card.
STEP 5: Margo’s bank verifies and approves the funds: It confirms the account exists, that funds or credit are available, and screens for fraud.
STEP 6: Approval travels back the same path: The confirmation flows back through Visa, then the processor, then the gateway—and Margo sees “payment confirmed” on her screen.
STEP 7: Settlement: Once per day, the processor submits all authorized transactions in a batch for settlement—that’s when the funds are officially transferred. The wireless provider’s bank deposits the payment minus all applicable fees, typically within one to two business days.
Where the payment gateway fits in—and why tokenization matters
In Step 2 above, the payment gateway captured Margo’s card details and encrypted the data in transit so it could travel safely between Margo, the bank, and her wireless provider.
Many gateways tokenize card data, replacing the card number with a random string that has no value to a hacker. This way, the business stores only the token; the real card number stays locked away with the gateway provider, enabling low-risk recurring payments. This keeps customer data and sensitive information out of your system and supports compliance with Payment Card Industry Data Security Standard (PCI DSS), the security standard every business taking card payments must follow because protecting customer data is non-negotiable. Businesses can also work with providers to tokenize PII that aren't required for products or services, further reducing risk.
It’s easy to confuse encryption and tokenization, but they do different things. Encryption scrambles your card number while it’s traveling between systems, so it can’t be understood if intercepted, while tokenization swaps the real card number with a token, so the actual number is never stored in your database.
How payment processors and card networks help
In Margo’s scenario, two other pieces help the online payment process work: payment processors and card networks.
Payment processors connect your business to the card networks. When a customer clicks “pay,” the processor receives the data from the gateway and sends it to the right card network. After the customer’s bank approves, the processor relays the approval back through the gateway, and the customer sees “payment confirmed” on the screen. Processors provide an additional layer of fraud screening, too.
Card networks, such as Visa, Mastercard, American Express, and Discover, enforce processing rules, set fees, and send payment data between the customer’s bank and your bank. In Margo's case, Visa was the network that routed her transaction.
Pros and cons of common online payment methods—and when to use each one
Customers expect a choice when making a payment or completing a purchase—most will abandon a transaction if their preferred payment method isn't available.
METHOD | BEST FOR | PROS | CONS |
Credit and debit cards | Most purchases | Wide acceptance, fast checkout | Chargebacks and higher processing fees |
Digital wallets | One-tap mobile payments and checkouts | Less data entry, added security | Limited to some regions and systems |
Bank transfers / ACH | Recurring bills, high-dollar payments | Lower fees than cards | Slower settlement (1–3 days) |
Buy now, pay later (BNPL) | Higher-ticket purchases | Lifts conversion rates | Late payments and dispute risks |
Cash vouchers | Cash-paying customers | Reaches non-card-holding buyers | Country-specific, slow payouts |
Credit and debit cards
Despite the risk of chargebacks, credit card payments and debit card payments remain the default—every major card network is accepted globally, and customers are comfortable using them.
Digital wallets
Digital wallets store payment details in a secure app or mobile wallet and are one of the most common forms of mobile payments. Common examples include PayPal, Venmo, Apple Pay, and Google Pay. Customers pay with a tap, confirm with face or fingerprint verification, and never have to type in card details.
Bank transfers and Automated Clearing House (ACH)
In the U.S., bank transfers are direct account-to-account transactions that run through the ACH network, commonly used for consumer payments—like utilities, wireless, and rent —as well as B2B invoices and high-value transfers. For businesses collecting recurring payments—wireless and fiber providers, utility companies, and subscription services—ACH is often the better choice because fees are much lower than card processing fees.
BY THE NUMBERS: According to Nacha, in the first quarter of 2026, Same Day ACH volume rose 23.6% from the same time last year—with the value of those payments at $1.1 trillion, a 22% increase. Business-to-business volume grew to nearly $2.1 billion in the first quarter, up 9.4% from a year earlier.
Buy now, pay later (BNPL)
BNPL lets customers split a purchase into installments—typically four equal payments over six weeks. BNPL can increase conversion on higher-ticket items, but some BNPL providers are facing financial pressure as default rates rise.
BY THE NUMBERS: The Federal Reserve reported that 15% of U.S. consumers used BNPL in 2024, but 24% of users were late on at least one payment, up from 18% in 2023—raising dispute and customer service risk for your business.
What do you need to accept online payments? A business checklist
The three essentials at the top of this article—a checkout, a payment gateway and processor, and a business bank account—cover the transaction itself. Let's break down everything you need in place to accept online payments: a payment gateway, a payment processor (usually bundled with the gateway), a business bank account, and clear policies for refunds and disputes.
A user-friendly checkout experience: This is the payment experience your customer uses to complete a purchase. It could be a hosted or embedded checkout page, a mobile app, or a payment link sent by text or email.
A payment gateway, if needed: A payment gateway securely sends payment information from your checkout to the processor. Many payment providers include this automatically.
A payment processor: A payment processor handles the transaction behind the scenes by communicating with the customer’s bank and moving funds. This is often bundled with the gateway through providers like Forte.
A business bank account: This is the account where your payments are deposited. Personal accounts are typically not accepted for business transactions.
Refund and dispute policies: These are the rules for handling refund requests and charge disputes. Setting them in advance can help protect your business and improve the customer experience. Payment operations platforms, like CSG Forte’s Dex, have built in tools for managing disputes with ease—in one centralized location.
What does it cost to accept online payments?
Understanding the fee stack helps you compare options and budget accurately. Payment processing fees usually include:
Interchange fees: Paid to your customer’s bank (issuing bank) for approving the transaction; it varies depending on your vertical and typically runs 1% to 3.3% for credit cards + a fixed amount, lower for debit.
Scheme fees: Collected by card networks (Visa, Mastercard) and they can vary; cover authorization fees, cross-border fees, and network operating costs.
Chargebacks: When your customer disputes a charge with their bank instead of you, the burden of proof falls on your business to demonstrate the transaction was valid—and whether you win or lose, you pay an additional fee on top of any refund.
ACH fees: Most processors charge merchants $0.20 to $1.50 per transaction, or 0.5%–1.5% for percentage-based pricing—significantly lower than card processing fees, which is why ACH is often the better choice for recurring bills, B2B, and high-dollar payments.
What other things can affect your rate? Card type (credit vs. debit, rewards vs. basic), transaction location, channel (in-person vs. online), and your merchant category code (MCC)—a four-digit code assigned to your business that describes your line of business and affects the interchange rate you pay. Most payment providers bundle these fees into a single flat rate or percentage, which is convenient but can make it harder to see exactly what you're paying for.
BY THE NUMBERS: According to Mastercard, the average U.S. chargeback is valued at approximately $110—and chargeback volume is growing globally.
Are online payments safe? Security basics for buyers and sellers
Online payments are not risk-free. Cybersecurity threats, including hacking, identity theft, and stolen card numbers are real risks, but the right combination of technology, processes, and tools significantly reduces exposure for you and your customers.
Core security measures: Encryption and tokenization
The payment gateway handles two things: it encrypts card data as it travels so it cannot be intercepted, and it can tokenize card numbers and PII, so the real numbers and personal information are never stored. See the gateway section above for how both work. Every business accepting card payments must also comply with Payment Card Industry Data Security Standard (PCI DSS)—the security baseline for card data handling.
Transaction velocity monitoring
Payment processing platforms may monitor transaction velocity and other activity indicators to identify potentially suspicious payment behavior. Through alerts, reporting, and risk-monitoring capabilities, businesses can gain visibility into unusual transaction patterns and take appropriate action. When paired with controls such as card verification (e.g., expiration date and CVV/CVC validation) and multifactor authentication, these capabilities can help reduce payment risk.
Authentication: 3D Secure
Merchants can add an extra layer of authentication to card payments through 3D Secure, a protocol supported by many payment gateways. When triggered, the customer's bank sends a one-time code to their phone or prompts a biometric check (face or fingerprint) before approving the payment. 3D Secure is standard in Europe and Latin America and used selectively in the U.S. for higher-risk transactions.
Enhanced fraud protection: Rules-based vs. machine learning
Fraud threats continue to evolve as attackers use increasingly sophisticated techniques including account takeovers, identity theft, and chargeback fraud. As a result, layered fraud detection is becoming increasingly important. Two distinct solutions exist:
Rule-based detection: A human sets up the custom rules using if “x” happens, then do “y” logic—such as” flag any transaction over $1,000 from a new device,” “block rapid-repeat purchases from the same card,” or “decline transactions from certain countries or IP addresses.”
AI and machine learning-based detection: Instead of human-defined rules, models continuously train on historical and real-time transaction data to identify anomalous behavior and emerging fraud patterns. Unlike static rules, these systems adapt and help reduce false positives while improving fraud detection accuracy.
What are the best practices for collecting payments online?
A strong online payment system should make checkout easy, prevent fraud, and recover payments that don't go through the first time.
Minimize friction during checkout
Keep form fields simple—only ask for what’s required, support autofill, and ensure pages load quickly.
Make checkout mobile-friendly with responsive layouts, on-screen keypads, and support for digital wallets and mobile payments like Apple Pay. These reduce friction for smart phone shoppers.
Offer several payment options: credits cards, debit cards, ACH, and buy now, pay later.
Most customers will abandon checkout if the process is too difficult—every extra step, slow load time, or missing payment method gives them a reason to leave.
Offer fraud protection
Most providers include configurable fraud tools in their dashboard. Start with conservative thresholds and tighten or loosen them as you learn about your decline patterns.
Reduce avoidable declines
Submit CVC, billing ZIP code, and cardholder name with every transaction; the more data the issuing bank can verify, the more likely it is to approve a legitimate charge.
Track the reason codes when a card is declined—they’ll tell you whether a decline was fraud or a fixable problem with your own rules.
Some declines are temporary—a single retry often recovers the payment.
How do you integrate online payments?
How you connect to a payment system to process payments for your business depends on how much control you need and how fast you want to implement it.
Hosted checkout and payment links (fastest)
A hosted checkout is a payment page managed by your provider; they also handle PCI compliance. The customer clicks a link and pays on a secure page your company didn't have to build first. The tradeoff is less control over your brand. It’s best for small businesses and anyone who needs to start accepting payments quickly.
Embedded checkout (more control)
An embedded checkout puts the payment form directly inside your website or app, which keeps your brand visible. This means more development work, but most providers offer pre-built components that handle card data securely. Embedded checkouts are best for ecommerce businesses, subscription platforms, and anyone building a branded customer experience.
Billing and invoicing workflows
For businesses that collect recurring payments or send invoices— like utility companies and telecom, fiber, and wireless providers—the integration connects your online payment billing system to your processor so customers can pay bills, set up autopay, or manage payment methods through a self-service portal. It’s the right fit for regulated industries, subscription businesses, and any organization managing a large volume of online bill payments.
How do you choose an online payment system?
No single online payment solution or provider is right for every business. Use the criteria below to evaluate your options—and weigh them based on what matters most.
Criteria | What to look for |
Payment methods and coverage | Does it accept cards, digital wallets, and ACH bank transfers? Does it support payment methods your customers use to pay their bills? |
Fraud and dispute support | Are there default or add-on tools to help validate transactions and prevent fraud? Is there a process for handling customer disputes? |
Fees and pricing transparency | Can you see exactly what you're paying—and to whom? Avoid providers that bury fees in fine print. |
Setup and integration | Can it connect to your existing back-office platforms? Are there options for low code or custom integrations? |
Reporting | Can you see failed payments, decline reasons, and chargeback rates tied to specific billing events? |
Business model fit | Does it handle payment options such as one-time purchases, autopay, recurring monthly bills, or invoices? |
Business-model considerations: SaaS, subscriptions, recurring billing, and platforms
A wireless provider billing thousands of customers each month has different payment requirements than a retailer selling one product at a time—and your payment system needs to reflect that. Here's how they break down by business type.
Ecommerce and retail: One-time purchases
For one-time purchases, checkout friction is the primary concern for online retailers. A slow page, extra form fields, or a missing payment method can cost you a sale. Chargebacks are an ongoing cost, so clear refund policies and strong fraud tools matter more than in other business models.
Hybrid retail, restaurants, and service businesses
Businesses that sell both online and in person—clothing boutiques with a Shopify site, restaurants with dine-in plus online ordering, salons or fitness studios where customers can book online or walk in—need a payment system that connects both channels. Look for a provider that accepts cards, wallets, ACH, and in-person payments through one dashboard, so customer records, refunds, and reporting stay unified.
Subscriptions and recurring billing
Wireless providers, fiber companies, streaming services, and other subscription businesses face a different problem: failed payments. About 9% of subscription payments fail on the first charge attempt, which is a major source of voluntary churn.
Two tools help:
Retry logic automatically retries the charge after a short delay.
Dunning sends automated emails or notifications asking the customer to update their payment method before their service is interrupted.
The best recurring billing platforms handle both automatically.
Regulated industries: Multi-channel billing at scale
Telecoms, utilities, and financial services often collect payments through multiple channels: online portals, mobile apps, IVR phone systems, retail kiosks, agent locations, and mailed checks. A payment platform that supports all these channels through one system—and stays compliant with the extra rules that apply in regulated industries—is essential for keeping customer records and reporting unified across every touchpoint.
Where are online payments headed?
Three trends worth watching as you plan your online payments strategy: ACH payments, BNPL, and chargebacks and fraud.
ACH transfers are increasing
Bank-to-bank transfers are growing faster than any other payment method, especially for recurring bills and business-to-business payments. Same Day ACH is leading the acceleration: in 2025, it processed 1.4 billion payments worth $3.9 trillion—up 16.7% year over year. That growth is continuing into 2026, with Q1 2026 alone seeing 403 million Same Day ACH payments valued at $1.1 trillion, a 23.6% jump.
BNPL is growing—and so are the risks
Buy now, pay later continues to gain adoption, but the late payment rate is rising alongside it. As BNPL becomes a standard checkout option, businesses offering it will need to monitor dispute volumes and customer service impact closely.
Chargebacks and fraud costs are rising
Mastercard projects global chargeback volume will reach 324 million transactions annually by 2028—a 24% increase from 2025 levels. The average U.S. chargeback is valued at approximately $110, making prevention a financial priority.
How CSG Forte helps companies modernize payments and billing
For companies accepting online payments at scale—telecom, wireless, and fiber providers; internet providers; utilities; financial services; subscription services; ecommerce and retail; and non-profits and education—the challenge isn't just processing transactions. It's making the payment experience effortless for customers, no matter the channel they use.
CSG Forte helps organizations unify online payments and billing across every touchpoint, so customers can pay how they want, when they want, and through the channel they prefer—whether that's a self-service portal, a mobile app, a digital wallet, or an automated recurring payment, or an in-person kiosk.
FAQs
How do I set up online payments for a small business?
Setting up online payments for a small business involves five steps: 1) choosing a payment provider, like Forte who can help you make the process as seamless as possible, 2) deciding which kind of payment to accept, 3) setting up your checkout experience, 4) connecting a business bank account, and 5) testing the payment flow before going live.
What should I track after launching online payments?
Through your back-office payment operations platform, monitor these metrics after launch: sales trends, payment approval rate, payment type preference to adjust your acceptance strategies, chargeback volume, refund volume, and decline reason codes.
Is it safe to pay online with a routing and account number?
Paying with a bank account and routing number—typically through ACH—is common for bill payments and is generally safe when done through a verified, trusted payment page. The risk increases when entering bank details on unfamiliar or unverified sites, so make sure your payment portal is clearly branded and secure before asking customers to provide banking information.
What payment methods should I offer to reduce cart abandonment?
At a minimum, offer ACH and credit and debit cards as a form of payment because customers expect them. Add at least one digital wallet option like Apple Pay or Google Pay, which reduces friction for mobile shoppers.
Why do online payments fail or get declined?
Online payments fail for several reasons: the card number, expiration date, or billing ZIP doesn't match the bank's records; the customer has insufficient funds or has reached their credit limit; the bank flags the transaction as suspicious; or there's a technical issue with the gateway or processor.
Most declines fall into two categories: hard declines (permanent, such as a canceled card) and soft declines (temporary, such as a timeout or low balance). Soft declines are often worth retrying after a short delay. Your payment provider should offer tools to help mitigate these risks.
How do refunds and chargebacks work for online payments?
You initiate the refund, and the amount gets returned directly to the customer's original payment method—typically within three to five business days. A chargeback is different: the customer disputes the charge with their bank, which reverses the payment and requires you to prove the transaction was valid. Chargebacks cost more than refunds—you lose the sale amount, pay a chargeback fee, and spend time on the dispute. A clear refund policy reduces chargebacks by giving customers a direct path to resolution. All of this can be managed in your providers' payment operations platform with ease.