Find a bank to process your online payments
Online payments are processed by acquiring banks where businesses can open an internet merchant account (IMA). These banks include:
- Barclaycard Business
- Lloyds Banking Group
- NatWest/Royal Bank of Scotland
- Ulster Bank
The following charge-card companies also act as acquiring banks:
- American Express
- Diners Club
American Express and Diners Club will only accept payments from their own cards.
See UK Cards Association guidance on UK acquirers.
The acquiring banks have strict requirements and it's possible that even the bank you use for your business current account may refuse you - see checklist: applying for an internet merchant account. Alternatively, there are other IMA providers that you can find online.
Once the IMA has been set up, secure socket layer (SSL) technology is used to encrypt transaction data and to send the necessary customer and card details to the acquiring bank in order to authorise the purchase. You should, therefore, ensure that any web-hosting solution you are considering can support the SSL protocol.
General Data Protection Regulation (GDPR)
Under GDPR, the Information Commissioner's Office can issue fines for data security breaches. The size of the fine will depend on the size and scope of the breach, if the breach was deliberate or accidental, the affected organisation's finances and how much trouble the breach caused.
In order to help reduce security breaches, organisations need to comply with the Payment Card Industry Data Security Standard - see Payment Card Industry Data Security Standard compliance.