1. Field of the Art
Generally, payment processing for online retail businesses is described. Specifically, third party-assisted tokenization and payment processing are described.
2. Discussion of the Related Art
A “hosted order page” (HOP) is a third-party hosted webpage that accepts payment information from customers on behalf of merchants. A merchant website typically redirects a customer to an HOP on the third-party's domain/server when the customer selects a ‘Buy’ or ‘Checkout’ button from an online shopping cart. Once at the HOP, the customer inputs payment information, such as credit card information. The third-party, which is neither the merchant nor the customer, uses the payment information entered by the customer to process the purchase transaction for the merchant so that the merchant can avoid handling the customer's payment information, and thereby avoid the cost and effort of complying with the Payment Card Industry Data Security Standard (PCI DSS) and government regulations regarding storing sensitive payment information.
A “silent order post” (SOP) is akin to an HOP but with only the sensitive textboxes and other input controls being hosted by the third party. That is, the merchant hosts the order page but the sensitive fields, such as the credit card number and expiration date entry textboxes, are posted only to the third party's servers.
Oftentimes, online merchants enable consumers to create an account/profile on the merchant's webserver and store their payment information (e.g., credit-card information) in the account/profile. This way, instead of the consumers having to enter payment information each time they want to make a purchase from the merchant's website, the merchant can use the stored payment information to process the transaction. Also, for example, merchants use stored payment information to charge consumers on a recurring basis. For example, an online newspaper publisher may charge its subscribers once per month.
Merchants that utilize an HOP/SOP and therefore do not store or have access to consumers' payment information cannot charge consumers, either for one-time or recurring payments, without instructing the consumers to input their payment information each time. Requesting consumers to input their payment information each time the consumer wants to make a purchase or each time a recurring payment needs to be made can be burdensome to consumers and could result in missed sales opportunities and consumers delaying or missing payments.